I googled about this question several days but I couldn't find good resources for my question.
I wanna get the list of roles assigned to ORDS_PUBLIC_USER after a client authorized with the auth2 method (with client_id and secret_key) to call services. how do that? and my other question is how to get which client_id(authorized) and calling services now?
thanks in advance
When a new OAuth token is requested, a row is added to the table ORDS_METADATA.SEC_SESSIONS with that token's information.
In the definition of your REST API, you should be able to get the OAuth token using UTL_HTTP.GET_HEADER and look up that token's information in the table. The STATE column of ORDS_METADATA.SEC_SESSIONS contains JSON that has information about what that token has access to which includes the roles that this token has access to.
You can then use the USERID column of the ORDS_METADATA.SEC_SESSIONS table to match to the CLIENT_ID column of the ORDS_METADATA.OAUTH_CLIENTS or USER_ORDS_CLIENTS table/view to find the OAuth client that the token is associated with.