Hi Everyone,
I’m encountering an issue when trying to create a pre-authenticated request (PAR) for Oracle Object Storage using Oracle APEX's (PLSQL) make_rest_request
function. Here’s the PL/SQL block I’m using:
DECLARE
l_request_url VARCHAR2(1000);
l_request_json CLOB;
l_response_json CLOB;
l_par_name VARCHAR2(1000);
p_object_name VARCHAR2(1000);
l_expires_str VARCHAR2(1000) := '2024-12-31T23:59:59Z';
BEGIN
l_par_name := 'PAR_NAME_PREFIX' || 'AnyObjectReadWrite' || '-' || l_expires_str;
l_request_url := 'https://objectstorage.us-ashburn-1.oraclecloud.com/n/esdfrdvgdcvg/b/test_bucket/p/';
l_request_json := '{'
|| '"accessType":'
|| apex_json.stringify('AnyObjectReadWrite')
|| ','
|| '"name":'
|| apex_json.stringify(l_par_name)
|| ','
|| CASE
WHEN p_object_name IS NOT NULL THEN
'"objectName":'
|| apex_json.stringify(p_object_name)
|| ','
ELSE NULL
END
|| '"bucketListingAction":'
|| apex_json.stringify('Deny')
|| ','
|| '"timeExpires":'
|| apex_json.stringify(l_expires_str)
|| '}';
l_response_json := apex_web_service.make_rest_request(
p_url => l_request_url,
p_http_method => 'POST',
p_body => l_request_json,
p_credential_static_id => 'test_web_credit_file',
p_wallet_path => 'file:/u01/app//oci_wallet',
p_wallet_pwd => 'TES-WALLET'
);
dbms_output.put_line(l_response_json);
END;
Issue: I’m receiving the following error:
ORA-20987: APEX - Authentication failed.
ORA-06512: at "APEX_210200.WWV_FLOW_WEB_SERVICES", line 1182
ORA-06512: at "APEX_210200.WWV_FLOW_ERROR", line 1069
ORA-06512: at "APEX_210200.WWV_FLOW_ERROR", line 1517
ORA-06512: at "APEX_210200.WWV_FLOW_WEB_SERVICES", line 1117
ORA-06512: at "APEX_210200.WWV_FLOW_WEB_SERVICES", line 1371
ORA-06512: at "APEX_210200.WWV_FLOW_WEBSERVICES_API", line 626
ORA-06512: at line 17
ORA-06512: at "SYS.DBMS_SQL", line 1721
Web credential is set properly & please review the policies we used in Oracle cloud for the USER
- Allow group OracleIdentityCloudService/TEST-GRP to manage buckets in compartment TST-BUC where any {request.permission='PAR_MANAGE', request.permission='PAR_READ'}
- Allow group OracleIdentityCloudService/TEST-GRP to manage objects in compartment TST-BUC where any {target.bucket.name='test_bucket', any {request.permission='OBJECT_CREATE', request.permission='OBJECT_READ', request.permission='OBJECT_OVERWRITE'}}
Please give some suggestions to resolve this.
Thanks