Oracle API Integration Connection¶
Oracle HCM is a complete cloud solution that connects every human resource process and every person across enterprises. Hire2Retire product supports Oracle API Integration as the entry point to fetch employee's data.
Create a Connection¶
The API integration of Oracle uses Basic Authentication and OAuth2 mechanism for authentication. Oracle requires the following keys to authenticate its clients using these mechanism:
Basic Authentication¶
- Identity URL - The REST Server URL of your Oracle Cloud service. For example, https://servername.fa.us2.oraclecloud.com.
- Username - An Oracle Cloud service username with permissions to access the resources.
- Password - Password of your Oracle Cloud Service account .You can find the Identity URL (REST Server URL), username, and password in the welcome email sent to your Oracle Cloud service administrator.
Roles and Privileges Required for Basic Auth¶
The provided username must have the required roles with appropriate security privileges to fetch the following objects: worker, locations, public worker, and worker email.
- For more details on roles and privileges, refer to this Oracle guide.
- You can follow this guide to assign the roles and permissions. Specifically, the username requires:
- Read and Describe permissions for all listed objects.
- Write access for Worker Email to writeback work email in HR System.
OAuth2 Authentication¶
-
Client ID - The client ID is in your app settings in Oracle Identity Cloud Service. Just go to Configuration > General Information.
-
Client Secret - The client Secret is in your app settings in Oracle Identity Cloud Service. Just go to Configuration > General Information.
-
Scope - The scope value for your Oracle Integration instance can be found in the trusted app settings. Simply navigate to Configuration > Accessing APIs. Under Allowed Scopes, you will typically see a scope similar to this one: https://CA6ABF5D.myhost.example.com:443urn:opc:resource:consumer::all.
-
Identity Cloud Service URL - The Identity Cloud Service URL is the gateway to Oracle Identity Cloud Service. It's where administrators handle configurations, and users manage their account details and app access.
-
Oracle Integration instance URL - The base URL for Oracle HCM REST APIs it varies based on your specific instance and Oracle Cloud environment.
Obtaining Identity Cloud Service URL for Oracle¶
To obtain your Identity Cloud Service URL, follow the instructions on this page.
Obtaining Oracle Integration instance URL for Oracle¶
To obtain your Oracle Integration instance URL, follow the instructions on this page.
Configuration¶
Once you have successfully configured the connections, you can continue with the Design section to configure the rest of the workflow following these steps in order.
- HR Employee Data Definition
- HR to AD Profile Map
- Lifecycle Business Rules
- Employment Status
- Organizational Unit Assignment - Only defined in on-premise Active Directory
- Group Memberships
- Security Group Memberships
- Distribution List Memberships
- Microsoft 365 Groups Memberships Only defined in Hybrid (with Exchange Online Services) and Entra ID
- Entra ID Distribution List Memberships Only defined in Entra ID and Hybrid, when Exchange Online Services is configured
- Entra ID Security Groups Only defined in Hybrid (with Enable Entra ID Security Groups) and Entra ID
- Mail Enabled Security Group Memberships Only defined in Entra ID and Hybrid, when Exchange Online Services is configured
- Mailing List Assignment Provided in Google Directory
- Communication Hub
Deployment¶
Once your workflow has been setup, you can optionally setup notifications and archival for your workflow.
- Compliance and Audit Trail
- Run Mode
- Error Notifications
- Monitor Receipt of Scheduled HR Extract
- Environment
Otherwise, you can proceed to deploy and test it on the Hire2Retire platform, see Deploy and Test Flow