oracle-databaseplsqlrestful-authenticationoracle-apex-19.1

Accessing protected restful webservice


I've created few Rest Web Services using oracle apex environment. And need to call it from different database schema.

(For e.g. I've 2 schema's abc and xyz. And both have their own apex environments. API's are created on abc's apex environment. And I need to call it using plsql under xyz schema.)

Now when it is unprotected, I can successfully able to call the API and send / receive the data.

But once I apply the privilege on it, I'm getting below error:enter image description here

If I use Postman, I can able to generate the token as shown in screenshot below: enter image description here

This activity is new to me. So, I guess I'm doing something wrong or missed something to add while calling this API.

Here is my code sample:

    apex_web_service.oauth_authenticate(
        p_token_url     => l_request_url || '/oauth/token',
        p_client_id     => l_client_id,
        p_client_secret => l_client_secret);

     begin
         apex_web_service.oauth_set_token(
             p_token =>  apex_web_service.oauth_get_last_token
         );
     end;

    l_request_headers_tab (1).name := 'Authorization';
    l_request_headers_tab (1).VALUE := 'Bearer ' || apex_web_service.oauth_get_last_token;

    l_request_headers_tab (2).name := 'Content-TYPE';
    l_request_headers_tab (2).VALUE := 'application/json';

    <calling apex_web_service.make_rest_request>

Although I checked that apex_web_service.oauth_get_last_token is also returning the token. So don't know why I'm still getting the 401 error.

Please help me to fix this.

Thanks,


Solution

  • It seems, apex_web_service.oauth_set_token is resetting the token. Hence headers_tab was not receiving the token. Though I really thought it is for setting the token to the API.

    After removing below portion, it worked!

    begin
        apex_web_service.oauth_set_token(
            p_token =>  apex_web_service.oauth_get_last_token
        );
    end;
    

    Will be grateful if any in depth explanation is given.