Search for existing answers to your product and support questions.
Familiarize yourself with our support site and learn best practices in working with our team.
Manage Service Requests, View and update service requests submitted by you and others in your organization.
Submit a new issue to our technical support team.
Oracle B2C Service insights from our Technical Support team subject matter experts
Browse resources to assist you in launching your implementation and ensure a successful go-live.
Access your OCI account.
Find product documentation for supported versions of B2C and documentation libraries for related service solutions.
You will have the tools to improve your customers' experience when you learn about all the things our products can do.
Find links for API documentation, Custom Processes, Customer Portal, and Agent Browser UI Extensibility Framework.
Explore how accelerators are designed to demonstrate how an integration scenario could be built using the public integration and extension capabilities of the Oracle B2C Service.
Prepare for a successful transition by reviewing upcoming release changes and enhancements.
Explore webinars, events, and feature kits to learn about B2C Service features, functionality, and best practices from the technical experts.
Oracle MyLearn offers a portfolio of free and paid subscription-based learning resources to help you gain valuable skills, accelerate cloud adoption, increase productivity, and transform your business.
Empower your team with the skills to implement, configure, manage, and use your applications with Customer Experience Cloud Training.
Our goal is to facilitate a friendly, supportive environment where members can easily collaborate with each other on solutions and best practices.
Ask and answer questions specific to B2C.
This is an exciting resource intended to help with your Oracle Service Cloud Analytics.
Share product improvement ideas and enhancement requests with Oracle Development, while collaborating with other Oracle customers and partners.
Update your phone number, email notification preferences, and severity 1 and severity 2 contact preferences.
View the contact managers within your organization.
Find contact information of the Technical Account Manager (TAM) and Client Success Manager (CSM) for your organization.
How is the authentication and user privileges managed for SOAP API?
Environment:
Connect Web Services for SOAP (CWS) API
Resolution:
Authentication: You can authenticate with SAML 2.0 (single sign-on) or with account passwords.
Authenticating with SAML 2.0 (single sign-on) : SAML-based authentication allows client applications to authenticate--on behalf of agents--using SAML 2.0 tokens to achieve single sign-on capabilities. For additional information about single sign-on with Oracle B2C Service, refer to the 'SAML 2.0 Open Login' section in online documentation for the version your site is currently running. To access Oracle B2C Service manuals and documentation online, refer to the Documentation for Oracle B2C Service Products.
If you are not using SAML 2.0 authentication when invoking Connect Web Services for SOAP operations, refer to Authentication with account passwords.
Authenticating with Account passwords: When the API receives a request a series of access control measures are enforced. First, the site configuration is checked to ensure the API has been enabled at a site level. Second, the user credentials supplied in the request are validated. Third, the profile for the supplied account is checked to ensure the correct profile bit is enabled. Client applications must supply username and password credentials with every request. User privileges: User permissions for different areas (incidents, answers, contacts etc) of the product are granular and based on the profile level access within Oracle B2C Service for a specific user. IP Restriction: Beginning with the May 2013 sites, The configuration setting SEC_PAPI_INTEG_HOSTS_SOAP has been added. This configuration setting defines which hosts are allowed to access the SOAP interface. Valid entries include a comma-separated list of domain names with wildcards, specific IP addresses or IP subnet masks (for example, *.rightnow.com, 1.2.3.4, 10.11.12.0/255.255.255.0). Only users logging in from hosts matching entries in this list are allowed access to the SOAP interface. Default is blank. Refer to Site Configuration.
For more the entire Connect Web Services for SOAP API documentation, refer to Answer ID 5169: Technical Documentation and Sample Code.