Saturday, August 12, 2017

#594 The Hare of the Dog Vol III now available on Amazon
























A veritable book of books, now available on Amazon.
Just search under my name - Niall Commiskey.

Buy all 3 volumes to get your very own Irish Flag -














Thursday, August 10, 2017

#593 Oracle Cloud Security Whitepaper




















Many customers moving to the cloud have questions vis-a-vis security.
This document is an excellent source for answering them.

Check it out here

Wednesday, August 9, 2017

#592 ICS / APIP CS Integration

Here is my ICS integration -

Simple stuff, just a REST interface to creating an organization in Service Cloud.



Here is the endpoint -
https://myICS/integration/flowapi/rest/NC_CREATEORG_REST/v01/createNewOrg?orgName=JelloBiafraInc

Before I can publish this API to APIP CS, I need to configure ICS for the target APIP CS platform.

As you can see, I have deleted some of the URL, but you get the idea.

Now, I go to activate the integration -



Let's see what other operations are available -



I'll go with Create New API.

I fill in the details as follows -


Note: the checkboxes for deploy and publish.

I check them -


Then I click Create.


Simple stuff!





















Tuesday, August 1, 2017

#591 ICS Map My Data lab


This is a simple lab that demonstrates all the functionality of the Map My Data pattern.











Available here

Monday, July 31, 2017

#590 - ICS roles

I get quite a lot of questions about the user roles available in ICS. Some of the questions relate to user access to data. For example, how do I prevent developers seeing payload values, such as credit card number.


The starting place for eliciting such information should be the ORCL docs - here I read



































Here are those roles in the cloud admin console -


















That's a lot more roles than detailed in the doc.
Suffice to say, many of these are cloud admin roles -
Identity Domain Administrator allows me to manage users etc.

Let's just concentrate on the following -


  • user
  • monitor
  • runtime

I will grant the user role to Uncle Paudge -




















I will grant the monitor role to Pat Mooney -


















I will grant the runtime role to Snowy Moran



















Now let's log in as the various users -

Uncle Paudge (Developer / user role) - 























He has access to all the top level components.
This is the optimal role for developers -
As the doc states -

Enables you to access all parts of Oracle Integration Cloud
Service to perform the following tasks:
• Create, deploy, and monitor integrations.
• Upload security certificates.

Now to the question, what if I do not want developers to see confidential info contained
in the payloads passing thru ICS?

At one level, the developer can do everything, well almost. She can log payloads, when activating integrations   -














But as you can read above, this is not recommended in a production environment.

Also worth noting, the developer with the user role can manage all of the settings -



















Best solution in this case, is to have a separate production environment. The developers can
do their stuff in the Development environment. Deploying to Production can be restricted. You could also use the REPL based Admin tool for ICS. This tool was developed by the Oracle A-Team and is detailed in a previous post.


I now log in as Pat Mooney the monitor -

Pat Mooney (Integration Monitor / monitor role)



 


















at first glance, it looks as if Pat has access to all components, but
let's click on integrations -








I click on Dashboard -











However, the monitor role does allow access to the settings -


















This is something you will have to keep in mind.

Let's now look at the runtime role -

Snowy Moran (mobile developer / runtime role)


Snowy develops mobile apps and needs to call ICS to access backend services.

He sees all the icons when he logs in, but cannot access anything.









But let's go to Postman and try the ICS REST API













First attempt, without any authorisation - I get Authorisation Required.

I add Snowy's credentials -


















As you can see, our mobile developer cannot just execute any ICS REST API.
The API I selected was on that lists all integrations on ICS.

He can only execute an ICS integration, with this role.

Here is one I prepared earlier -




















The URL is as follows -

https://myICSEnv/integration/flowapi/rest/NC_CREATEORG_REST/v01/createNewOrg?orgName=NiallCOrg

I execute this in Postman, using Snowy's credentials -


















Wednesday, July 19, 2017

#589 concise doc explaining all things Fusion Apps

For those of you who are somewhat confused by the world of Fusion Apps.
Read and be assuaged.



















Click here

#588 Oracle has been named a leader in the Forrester Wave Digital Process Automation Software


Rock on Oracle Process Cloud Service (PCS)




Oracle was cited by Forrester as a leader 

with the highest possible scores for the following -

·        Low-code/no-code
·        Smart forms and user experience
·        Process flow and design
·        Mobile engagement
·        API support
·        Data virtualization
·        Deployment options
·        Ease of implementation



Read all about it here