Those days I was trying to retrieve some OCI Json data using REST calls via curl. However, even though I've set up an application and Client ID and Secret accordingly, I was getting the error below:
{ "httpStatusCode" : 401, "httpMessage" : "Unauthorized", "executionContextId" : "005WAjCLgER1FgyN06YBUF0003so0000FI,0:1:1", "errorCode" : "urn:oracle:cloud:errorcode:tas:unauthorized", "errorMessage" : "Invalid Bearer Token: java.lang.Exception: Cannot obtain Certificate. Verify Access Signing Certificate in Settings" }
"Cannot obtain Certificate. Verify Access Signing Certificate in Settings"
Than I realize that there is an option under "Identity Cloud Service -> Default Settings" called "Access Signing Certificate". As IDCS can have multi-factor authentications, Active Direct link, etc, you must enable this option in order to allow an application service to bypass all those IDCS authentication using directly the Client ID and Client Secret.
After enabling this option, everything worked.
Have you enjoyed? Please leave a comment or give a 👍!