Oracle API Integration Connection

Oracle HCM is a complete cloud solution that connects every human resource process and every person across enterprises. Hire2Retire product supports Oracle API Integration as the entry point to fetch employee's data.

Create a Connection

The API integration of Oracle uses Basic Authentication and OAuth2 mechanism for authentication. Oracle requires the following keys to authenticate its clients using these mechanism:

Basic Authentication

• Identity URL - The REST Server URL of your Oracle Cloud service. For example, https://servername.fa.us2.oraclecloud.com.
• Username - An Oracle Cloud service username with permissions to access the resources.
• Password - Password of your Oracle Cloud Service account .You can find the Identity URL (REST Server URL), username, and password in the welcome email sent to your Oracle Cloud service administrator.

Figure 1. Oracle API Basic Auth Connection Set Up page - Create Connection

Roles and Privileges Required for Basic Auth

The provided username must have the required roles with appropriate security privileges to fetch the following objects: worker, locations, public worker, and worker email.

1. For more details on roles and privileges, refer to this Oracle guide.
2. You can follow this guide to assign the roles and permissions. Specifically, the username requires:
   • Read and Describe permissions for all listed objects.
   • Write access for Worker Email to writeback work email in HR System.

OAuth2 Authentication

• Client ID - The client ID is in your app settings in Oracle Identity Cloud Service. Just go to Configuration > General Information.

• Client Secret - The client Secret is in your app settings in Oracle Identity Cloud Service. Just go to Configuration > General Information.

• Scope - The scope value for your Oracle Integration instance can be found in the trusted app settings. Simply navigate to Configuration > Accessing APIs. Under Allowed Scopes, you will typically see a scope similar to this one: https://CA6ABF5D.myhost.example.com:443urn:opc:resource:consumer::all.

• Identity Cloud Service URL - The Identity Cloud Service URL is the gateway to Oracle Identity Cloud Service. It's where administrators handle configurations, and users manage their account details and app access.

• Oracle Integration instance URL - The base URL for Oracle HCM REST APIs it varies based on your specific instance and Oracle Cloud environment.

Figure 2. Oracle API OAuth Connection Set Up page - Create Connection

Obtaining Identity Cloud Service URL for Oracle

To obtain your Identity Cloud Service URL, follow the instructions on this page.

Obtaining Oracle Integration instance URL for Oracle

To obtain your Oracle Integration instance URL, follow the instructions on this page.

Configuration

Once you have successfully configured the connections, you can continue with the Design section to configure the rest of the workflow following these steps in order.

1. HR Employee Data Definition
   • API Integration
2. Lifecycle Business Rules
3. Employment Status
4. HR to AD Profile Map
5. Organizational Unit Assignment - Only defined in on-premise Active Directory
6. Security Group Assignment
7. Distribution List Assignment

Deployment

Once your workflow has been setup, you can optionally setup notifications and archival for your workflow.

• Hire2Retire Event Notifications
• Hire2Retire Compliance and Audit Trail

Otherwise, you can proceed to deploy and test it on the Hire2Retire platform, see Deploy and Test Flow