
Oracle Access Management Lab Guide

This document provides instructions for a lab on configuring OAuth services in Oracle Access Management. The lab objectives are to create an IDS profile in Oracle Unified Directory, enable identity federation and mobile services in OAM, and configure the default OAuth domain to use the IDS profile and protect the secret key endpoint. Exercises include creating an OUD IDS profile, enabling federation and mobile services, and configuring the default OAuth domain and resource servers to use the IDS profile and require authentication for the secret key URI. Running the lab exercises will demonstrate OAuth configuration and protection of OAuth APIs in OAM.

Uploaded by

Ashutosh Nichat

Oracle Access Management Suite Plus 11g R2 PS3 Bootcamp

Lab 04

Oracle Access Management - Access Manager 11g R2 PS3 OAuth API

The following servers need to be running before you start this lab (start them if they are not running; refer to Lab 0 for more details on starting/stopping servers):

• OUD Server (startOUD.sh)
• OAM Admin (startAdmin.sh)
• OAM Managed Server (startOAM.sh)
• OHTTP Server (startOHS.sh)

You may have to start/stop/restart additional servers as per instructions in this lab.

All passwords used during this Lab are Oracle123 unless otherwise specified

Disclaimer: The Virtual Machine (or hosted) Image and other software are provided for use only during the workshop. Please note that you are responsible for deleting them from your computers before you leave. If you would like to try out any of the Oracle products, you may download them from the Oracle Technology Network (http://www.oracle.com/technology/index.html) or the Oracle E-Delivery Web Site (http://edelivery.oracle.com).

Contents

Lab Introduction
Exercise 1 – Create OUD IDS Profile
Exercise 2 – Enable Federation and Configure OAUTH.
Exercise 3 – Extend the OUD Schema and IDS-Profile
Exercise 4 – UserProfile configuration
Exercise 5 – OAuth Client
Exercise 6 – Experience OAuth

Lab Introduction
OAuth provides a method to exchange identity credentials for an access token. This token, in turn, can be used to grant access to private resources in a user's account on one service provider site to a second, consumer site without divulging the identity credentials to the consumer site. Oracle Access Management implements the OAuth Core 2.0 specifications to offer OAuth Services.
This lab showcases the capabilities of the Oracle Access Management OAuth Services. In our use case, we have a client application called “myappOAuthwebclient” which needs to access and modify the OAM user details by sending an OAuth request to OAM.
Since we do not have a real application to send the request, we will use the curl command to imitate the interaction with OAM OAuth services (such as getting an access token and using the access token to get authorization).

Exercise 1 – Create OUD IDS Profile


Introduction – IDS Profiles are mandatory for OAuth configuration. As part of this lab we will
create an IDS Profile to be used in OAuth configuration.

Note: You can skip this exercise if you have already created an IDS profile as part of a previous lab.

Steps

1. Log in to the OAM admin console at http://identity.oracleads.com:7001/oamconsole as DCRANE/Oracle123.

2. Click on “User Identity Stores” under “Configuration” tab.

3. Under “Identity Directory Service” -> “IDS Profiles” click on “Create” button.


4. In the IDSProfile creation form, provide the values in the respective fields as below.

Parameter Name          Parameter Values
Name                    OUDStoreIDSProfile
Repository
  Directory Type        Oracle Unified Directory
  Hostname/Port         identity.oracleads.com/2389
  Bind DN               cn=Directory Manager
  Bind Password         Oracle123
  Base DN               dc=example,dc=com
User
  Login ID Attribute    uid
  Base DN               ou=people,dc=example,dc=com
Group
  ID Attribute          cn
  Base DN               ou=groups,dc=example,dc=com

5. Click on “Test Connection” button and ensure you get a success message.

6. Click on “Create”. WAIT until the create operation is successful (it will take a few seconds to complete).

7. You should see the IDS Profile and IDS Repository created with the name
“OUDStoreIDSProfile”.

Summary – As part of this exercise you created the IDS profile.

Exercise 2 – Enable Federation and Configure OAUTH.

Introduction – If you have not done already, you need to enable the Identity Federation and
Mobile & Social feature in OAM. We also need to configure the OOTB default OAuth Domain to
use the IDS profile we created.

Step 2.a) • Enable Federation and Mobile&Social for enabling Mobile OAuth Services.

1. Log in to the Oracle Access Management Console at http://identity.oracleads.com:7001/oamconsole

2. Go to “Configuration” -> “Available Services”. Enable “Identity Federation”.

3. Under “Configuration” tab click on “Available Services”.

4. Enable “Mobile and Social”. Click “Enable Service” when prompted.

Step 2.b) • Configure Mobile OAuth Services to Protect the Secret Key Endpoint.

1. Open the browser and log in to the OAM admin console at http://identity.oracleads.com:7001/oamconsole. Click on “Mobile OAuth Services” under the “Mobile Security” tab.

2. Click on “DefaultDomain”.

3. From the “Resource Servers” tab, click “UserProfile” under “User Profile Services”.

4. Select “OUDStoreIDSProfile” as “Identity Store Name”. If you don’t see OUDStoreIDSProfile, please complete Exercise 1.

5. Expand the “Resource URIs”. Under the “/secretkey” tab, expand “Attributes”.
6. Change the value of “basicauth.allowed” to true.


7. Uncheck “Proxy Authentication” under “Proxy Authentication”.

8. Click Apply.
9. Any custom attributes you need to return can be mapped in the OUD store. Make the attribute searchable. Click “Apply” on the page to save the changes.

Summary – In this exercise you protected the /secretkey endpoint with the basic authentication scheme of OAM. This means that whenever this service is requested, a user authentication is performed and the user login details are validated against the OUD store.

Exercise 3 – Extend the OUD Schema and IDS-Profile

Introduction – As part of this lab, we will modify a custom attribute of the user. For this we will use the custom ob* attributes created during the password policy configuration done as part of “Lab 01-OAM11gR2Features”. If you have not done the “01-OAM11gR2Features” lab, please complete it and then proceed with the steps below. NON COMPLETION OF LAB01 WILL LEAD TO FAILURE OF THIS LAB.

Note: Once you have completed Exercises 4 and 5 of Lab01-OAM11gR2Features, note down the user with whom you tested the password policy lab. We need the SAME user for testing this lab as well, because we are going to modify the “oblogintrycount” attribute of the OUD user record as part of this exercise. This attribute is created for the user in OUD only when you complete Lab01 Exercises 4 and 5.

We now need to modify the IDS Profile to include the custom attribute which gets created in the
user record in OUD as part of Lab01-OAM11gR2Features.

Steps

1. Log in to the OAM admin console. Under the “Configuration” tab, click on “User Identity Stores”.

2. Under the “IDS Profiles” section, select “OUDStoreIDSProfile” and click edit.

3. Under “Entity Attributes” tab, click “Add”

4. Add the values as below and click “Save”.

Name: LoginTryCount
Physical Attribute: oblogintrycount
Type: String
Description: Used for account lock.

Note: If you already have this mapping created as part of a previous lab, then just update the description field.

5. Click “Apply”. (DON’T MISS THIS STEP!)

Exercise 4 – UserProfile configuration


Introduction – We need to add the custom attribute that we created in the previous exercise so that it is returned in UserProfile. Hence we need to configure the User Profile scope for Users. Under the Scopes, click on /Users and add (select) the attributes under Attributes. This should let you display the attributes.

Steps

1. In the OAM admin screen, under the “Federation” tab, click “OAuth Services”. Click “Default Domain”.
2. Under the “Resource Servers” tab, click on “UserProfile” under “User Profile Services”.

3. Under “Scopes”, select the “/Users” URI and click on “Add” under the “Identity Attributes of selected scope xxxx”

4. Select “LoginTryCount” from the list of attributes under “Attribute”.

5. Click “Apply”.


Exercise 5 – OAuth Client


Introduction – The client application which uses the OAM OAuth services needs to be registered
as an OAuth client. We will go through the steps required for client configuration in OAuth.

Use ClientID:ClientPassword in base64 format for accessing the OAuth service.

Steps

1. In OAM Admin console, under “Federation” tab, click on “OAuth Services”.

2. Under “OAuth Identity Domains” click “DefaultDomain”

3. Under the “Clients” tab, click on “Create” button.


4. In the Client Configuration page, enter the details as below.


Name: myappOAuthwebclient
ClientID: myappOAuthwebclient
ClientSecret: Oracle123

5. Under “Privileges”-> “Allowed Scopes”, click “Add” and select “UserProfile.users”.

6. Also, select “Resource Owner Credentials” as the “Grant Type”.

7. Click “Create”. You should see a confirmation.

8. In the “Clients” tab, you should see the “myappOAuthwebclient” created. Refresh if you
don’t see it.

9. In the above steps we gave an OAuth client ID and client secret key for this specific client. The client must now use them, in base64 format, for any communication with OAM OAuth services. While a real-world application may do this on its own, we need to find the base64 value of “clientid:clientsecret” to use in the curl command.
10. You may use any method to convert the string into base64 format. One example is to use https://www.base64encode.org/.

11. The encoded base64 value for “myappOAuthwebclient:Oracle123” is “bXlhcHBPQXV0aHdlYmNsaWVudDpPcmFjbGUxMjM=”. We will use this value in our authorization request.

Exercise 6 – Experience OAuth


Introduction – We will use the CLI for testing purposes, but in a real-world scenario an application would send these requests to OAM.

Steps

1. Log in to a terminal as “Oracle/Oracle123”. Execute the steps below.

2. Run:

curl -i -H 'Authorization:Basic bXlhcHBPQXV0aHdlYmNsaWVudDpPcmFjbGUxMjM=' \
  -H 'Content-Type:application/x-www-form-urlencoded;charset=UTF-8' \
  --request POST \
  http://identity.oracleads.com:14100/ms_oauth/oauth2/endpoints/oauthservice/tokens \
  -d 'grant_type=password&username=DCRANE&password=Oracle123&scope=UserProfile.users'

3. You should see output that contains the access token.

4. Now using this access token, we will perform certain operations.


5. Let's send a GET request to OAuth services.

curl -i --request GET \
  "http://identity.oracleads.com:14100/ms_oauth/resources/userprofile/users/JDOE" \
  -H 'Authorization:<Substitute Access Token Obtained in Step3>'

You should replace the access token placeholder above with the one you get in your environment.

6. You should receive an output with the user details of JDOE.

HTTP/1.1 200 OK
Date: Fri, 08 Jan 2016 18:47:12 GMT
Transfer-Encoding: chunked
Content-Type: application/json
X-ORACLE-DMS-ECID: 024170c1c59452c4:-7a347407:152223f6903:-8000-00000000000017e6
X-Powered-By: Servlet/2.5 JSP/2.1

{"uid":"JDOE","mail":"john.doe@oracleads.com","description":"591CFBB87454802A2897CB70C6285FC5145AA88256D46E21B03FAB411CA5D041","commonname":"John Doe","uri":"\/ms_oauth\/resources\/userprofile\/users\/JDOE"}
[oracle@identity ~]$

7. Let's update DADAMS. The format is:

curl -i -H "Content-Type:application/json" \
  -H "Authorization:<Substitute Access Token Obtained in Step3>" \
  --request PUT \
  http://identity.oracleads.com:14100/ms_oauth/resources/userprofile/users/DADAMS \
  -d '{"description":"My OAuth Test"}'

• You should replace the access token placeholder above with the one you get in your environment.

8. Update was successful.

9. Try creating a user using a similar curl command as above. Pass the attributes ‘mail’, ‘description’, ‘commonname’, ‘firstname’, ‘lastname’, ‘loginid’. The output should look similar to the one below…

10. Update the custom attribute (LoginTryCount) of the user JKRAUSE using the Display Name in the mapped profile. (You may use any user who has already gone through the password policy scenario in Lab01.) However, if you use a user whose oblogintrycount attribute is not set in OUD, you may receive an error in response.

curl -i -H "Content-Type:application/json" \
  -H "Authorization:<Substitute Access Token Obtained in Step3>" \
  --request PUT \
  http://identity.oracleads.com:14100/ms_oauth/resources/userprofile/users/JKRAUSE \
  -d '{"LoginTryCount":"0"}'

• You should replace the access token placeholder above with the one you get in your environment.

Response
{"uid":"JGALAS","mail":"Jarvis.Galas@oracleads.com","LoginTryCount":"0","LastSucessfulLogin":"2015-10-30T10:43:11Z","description":"My OAuth Test","UserStatus":"activated","lastname":"Gallas","commonname":"Jarvis Gallas","firstname":"Jarvis","uri":"\/ms_oauth\/resources\/userprofile\/users\/JGALAS","mobile":"4646565"}
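The two token-handling steps of this lab (encoding “clientid:clientsecret” in Exercise 5 and using the access token in Exercise 6) can be done with local shell helpers, so the client secret stays on the lab host and a token's scope and expiry can be read before the token is sent. This is an added example, not part of the original lab guide; the function names, the constructed sample token and the reliance on GNU coreutils `base64 -d` are assumptions.

```shell
#!/bin/sh
# Added example: local helpers for the lab's curl steps (not from the lab guide).

# Base64 of "client_id:client_secret" for the Basic Authorization header.
# printf (unlike echo) adds no trailing newline to the encoded credential;
# tr removes the line wrapping that base64 applies to long output.
basic_credential() {
    printf '%s:%s' "$1" "$2" | base64 | tr -d '\n'
}

# Encode stdin as base64url without padding (used only to build the sample).
b64url() {
    base64 | tr -d '=\n' | tr '/+' '_-'
}

# Print the decoded payload (second segment) of a JWT access token.
# This is inspection only: the signature is NOT verified here.
# Assumes GNU coreutils "base64 -d".
jwt_payload() {
    seg=$(printf '%s' "$1" | cut -s -d. -f2 | tr '_-' '/+')
    [ -n "$seg" ] || return 1
    case $(( ${#seg} % 4 )) in      # restore the stripped '=' padding
        2) seg="$seg==" ;;
        3) seg="$seg=" ;;
        1) return 1 ;;              # impossible length for base64url
    esac
    printf '%s' "$seg" | base64 -d
}

# Print a numeric claim such as exp. Assumes compact JSON (no whitespace).
jwt_numeric_claim() {
    jwt_payload "$1" | sed -n "s/.*\"$2\":\([0-9][0-9]*\).*/\1/p"
}

# Succeed only if the token carries an exp claim that lies in the future.
# $2 optionally overrides the current time (epoch seconds).
token_usable() {
    exp=$(jwt_numeric_claim "$1" exp)
    [ -n "$exp" ] || return 1
    now=${2:-$(date +%s)}
    [ "$now" -lt "$exp" ]
}

# Constructed sample token; the claim values and signature are made up.
SAMPLE_PAYLOAD='{"sub":"DCRANE","scope":"UserProfile.users","exp":2000000000}'
SAMPLE_TOKEN="$(printf '%s' '{"alg":"RS512","typ":"JWT"}' | b64url).$(printf '%s' "$SAMPLE_PAYLOAD" | b64url).constructed-signature"

# Usage with the lab's client registration:
#   curl -i -H "Authorization:Basic $(basic_credential myappOAuthwebclient Oracle123)" ...
```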

Summary – In this lab, we executed different OAuth requests to update OAM users.
