Hi
I was wondering if anyone has successfully configured ORDS to use an external Identity Provider?
I have set up a profile and I can see in the ORDS log that the token is validated, but the service is still not properly authorized.
According to the documentation, I have set up a sample test profile with an audience: "ords/test_ords", created a new module "api" and a dummy GET select 1 from dual called "reports".
Then I created a privilege called "reports" protecting resource "/reports/*".
When trying to make a connection using an issued token I'm still getting 401. The decoded token looks like this (edited some info out):
{
  "iss": "https://identityserver-dev.ad.company.com",
  "nbf": 1698674420,
  "iat": 1698674420,
  "exp": 1698678020,
  "aud": [
    "ords/test_ords",
    "reports",
    "https://identityserver-dev.ad.company.com/resources"
  ],
  "scope": [
    "ords/test_ords",
    "reports"
  ],
  "client_id": "ords_test",
  "jti": "1231223"
}
As per the documentation, the audience matches, and the scope should be the privilege name in one of the scopes in the list?
Cheers
Lukasz
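
An added example, not part of the original post and not ORDS code: a local check of the decoded claims against the values the post says were configured (audience `ords/test_ords`, privilege `reports`). The function names, the `skew` parameter and the fixed `now` value are assumptions made for illustration.

```python
import time

# Claims copied from the post above (already redacted by the poster).
TOKEN_CLAIMS = {
    "iss": "https://identityserver-dev.ad.company.com",
    "nbf": 1698674420, "iat": 1698674420, "exp": 1698678020,
    "aud": ["ords/test_ords", "reports",
            "https://identityserver-dev.ad.company.com/resources"],
    "scope": ["ords/test_ords", "reports"],
    "client_id": "ords_test", "jti": "1231223",
}


def values(claim, split=False):
    """Return a claim as a list; a string is one value, or (for scope,
    split=True) a space-delimited list as defined in RFC 8693."""
    if claim is None:
        return []
    if isinstance(claim, str):
        return claim.split() if split else [claim]
    return list(claim)


def encoding(claim):
    """Report how the issuer encoded a claim: missing, string or array."""
    if claim is None:
        return "missing"
    return "string" if isinstance(claim, str) else "array"


def check_claims(claims, issuer, audience, privilege, now=None, skew=0):
    """Hypothetical helper: the checks the post describes, not ORDS's code."""
    now = int(time.time()) if now is None else now
    return {
        "issuer_matches": claims.get("iss") == issuer,
        "audience_present": audience in values(claims.get("aud")),
        "privilege_in_scope": privilege in values(claims.get("scope"), True),
        "not_before_ok": claims.get("nbf", 0) - skew <= now,
        "not_expired": now < claims.get("exp", 0) + skew,
    }


if __name__ == "__main__":
    # Constructed clock value: one minute after the token's "iat".
    result = check_claims(TOKEN_CLAIMS, TOKEN_CLAIMS["iss"],
                          "ords/test_ords", "reports", now=1698674480)
    for name, ok in result.items():
        print(f"{name}: {'ok' if ok else 'FAIL'}")
    print("scope encoding:", encoding(TOKEN_CLAIMS["scope"]))
```

The last line only reports how the issuer serialised `scope`, so it can be compared with the encoding the resource server's documentation expects.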