Skip to Main Content

APEX

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

APEX-managed HTTP Header Web Credential not working

Jared CJan 8 2025

Hi, I am making a REST call to this Clover endpoint. This is the first time I have ever set up a call to a REST endpoint from PL/SQL and Oracle DB (my previous experience in this realm is with C# or OutSystems). Anyways, I thought that there was probably a way to secure the bearer token. I searched and found this article by Plamen Mushkov. I followed his steps but unfortunately I keep running into an error:

declare
*
ERROR at line 1:
null


More Details :

I am on APEX 21.1.5, whereas it seems Plamen is on a newer version (based on observing how he utilizes the apex_web_service API).

In any case, this call works:

declare
    l_response clob;
begin
    -- Set the Request HTTP Headers.
    apex_web_service.set_request_headers(
        p_name_01  => 'Accept'
        ,p_value_01 => '*/*'
        ,p_name_02 => 'Authorization'
        ,p_value_02 => 'Bearer <bearerToken>'
        ,p_reset => true
    );

  -- Call API using Username and Password.
    l_response := apex_web_service.make_rest_request(
        p_url => 'https://api.clover.com/v3/merchants/<mId>/tenders'
        ,p_http_method => 'GET'
    );

    dbms_output.put_line('Response Status : ' || apex_web_service.g_status_code);
    dbms_output.put_line('Response Payload: ' || substr(l_response, 1, 5000));
end;
/

However, calling using the managed HTTP Header Web Credential does not work as suggested by Plamen (note the parameter p_credential_static_id in apex_web_service.make_rest_request) :

declare
    l_response clob;
begin
    -- Set the Request HTTP Headers.
    apex_web_service.set_request_headers(
        p_name_01  => 'Accept'
        ,p_value_01 => '*/*'
        ,p_reset => true
    );

  -- Call API using Username and Password.
    l_response := apex_web_service.make_rest_request(
        p_url => 'https://api.clover.com/v3/merchants/<mId>/tenders'
        ,p_http_method => 'GET'
        ,p_credential_static_id => 'API_KEY_CLOVER'
    );

    dbms_output.put_line('Response Status : ' || apex_web_service.g_status_code);
    dbms_output.put_line('Response Payload: ' || substr(l_response, 1, 5000));

end;
/

This is how I have the web credential set up:

(I have removed all sensitive details, but I can assure you these line up appropriately on my side.)

In the “Credential Secret” field I tried both Bearer <bearerToken> as well as just <bearerToken>. I changed the valid URL from https://api.clover.com/v3/merchants/<mId> to https://api.clover.com. I reviewed this documentation on managing web credentials for APEX 21.1. I verified that the apex_web_service.make_rest_request function in 21.1 has a p_credential_static_id parameter here (it says it is configured in Shared Components, whereas I configured by web credential in App Builder > Workspace Utilities > Web Credentials).

I am not exactly sure what the problem is, though I am still searching. If the problem is apparent to anyone, I would greatly appreciate additional information and context!

This post has been answered by InoL on Jan 8 2025
Jump to Answer
Comments
Post Details
Added on Jan 8 2025
4 comments
60 views