SOAPUI - SoapUI to OIC Service Call using OAuth 2.0

Overview

This setup allows SoapUI to invoke an Oracle Integration Cloud (OIC) REST integration securely using OAuth 2.0 ( example, Client Credentials) authentication.

Supported Version

OAuth 2.0 support is available in SoapUI Open Source 5.x and later versions. SoapUI provides built-in OAuth 2.0 authorization profiles and supports standard grant types such as:

Authorization Code

Client Credentials

Password Credentials

Implicit Grant

Setup Steps

Configure OIC Integration Security:

Open OIC: Integrations → Open Integration → Trigger → Security

Select: OAuth 2.0

Configure:

Activate the integration.

Generate Access Token in SoapUI

1. Open SoapUI: Request → Auth → Add Authorization → OAuth 2.0
2. Enter: Value
1. Grant Type
2. Client Credentials
3. Access Token URL
4. OAuth Token URL
5. Client ID
6. Client Secret
3. Click: Get Access Token

Note: In the Scope, there should not be any double quotes.

Conclusion

Using SoapUI (5.x and later) with OAuth 2.0 support makes it easy to securely test and invoke OIC REST/SOA services without custom token handling. By configuring the OAuth 2.0 authorization profile, generating the access token, and attaching it to the request, service testing becomes faster, reusable, and aligned with modern authentication standards. For better compatibility and stability, using SoapUI 5.7.0 or later is recommended.

OIC - Automated HSBC Payment Acknowledgement Processing in Oracle Integration Cloud (OIC)

Working...

Overview

In many enterprise payment integrations, payment files generated from Oracle ERP are transmitted to banking partners such as HSBC for payment execution. After processing the payment file, HSBC generates an acknowledgement (ACK) file that must be retrieved and loaded back into Oracle ERP for reconciliation and audit purposes.

This blog describes an OIC-based solution that automates the end-to-end retrieval and processing of HSBC payment acknowledgement files.

Business Requirement

When Oracle ERP sends a payment file to HSBC, the treasury team requires confirmation that the file has been successfully received and processed by the bank.

The solution should:

Retrieve the payment reference number from ERP.

Call HSBC APIs using the reference number.

Download the payment acknowledgement file.

Upload the acknowledgement file into ERP UCM.

Submit an ESS job to import/process the file.

Validate successful processing.

Re-query ERP to confirm the final acknowledgement status.

Solution Architecture

High-Level Flow

OIC Scheduler

      |

      V

Call ERP BIP Report

      |

      V

Get Payment Reference Number

      |

      V

Call HSBC Acknowledgement API

      |

      V

Download ACK File

      |

      V

Upload File to ERP UCM

      |

      V

Submit ESS Job

      |

      V

Monitor ESS Job Status

      |

      V

Call ERP BIP Report Again

      |

      V

Validate Final Processing Status

Integration Design

Step 1: Scheduled Integration Trigger

A scheduled OIC integration runs periodically to identify payment files awaiting acknowledgement processing.

The scheduler frequency can be configured based on business requirements.

Step 2: Retrieve Payment Reference from ERP

The integration invokes a BI Publisher (BIP) report in Oracle ERP.

The report returns:

Payment Process Request (PPR)

Payment Batch Details

Payment Reference Number

Bank Reference Information

The reference number returned by the report is used as the primary identifier for HSBC API calls.

Step 3: Invoke HSBC Acknowledgement API

Using the payment reference number, OIC invokes the HSBC acknowledgement API.

Sample request:

{

  "paymentReference": "REF123456789"

}

HSBC returns:

Processing status

Acknowledgement file

Reference details

Response codes

Step 4: Download Acknowledgement File

If the acknowledgement is available, OIC retrieves the ACK file from HSBC.

Depending on HSBC implementation, the file may be:

XML

CSV

TXT

CAMT format

The file content is stored temporarily within the integration flow.

Step 5: Upload File to ERP UCM

The acknowledgement file is uploaded to Oracle ERP Universal Content Management (UCM).

Typical upload details:

Account: fin$/payables/import$

Document Name

Security Group

Content Type

The UCM document ID is captured for downstream processing.

Step 6: Submit ESS Job

After successful upload, OIC invokes the ERP ESS web service to process the acknowledgement file.

Typical ESS parameters include:

UCM Document ID

File Name

Import Process Name

The ESS Job ID is captured for monitoring.

Step 7: Monitor ESS Job Status

OIC continuously polls the ESS job status until one of the following conditions is reached:

SUCCEEDED

ERROR

WARNING

This can be implemented using:

Wait activity

Scope

While loop

Retry framework

Step 8: Re-Validate Using BIP Report

Once the ESS job completes successfully, OIC invokes the BIP report again.

This validation step confirms:

Acknowledgement processed successfully

Payment status updated

ERP records reconciled correctly

The report serves as a final verification layer before completing the integration.

Error Handling

The integration includes robust exception handling for:

HSBC API Failures

Authentication issues

Network failures

Invalid references

Timeout errors

UCM Upload Failures

Invalid content

UCM connectivity issues

Security permission failures

ESS Processing Failures

Import validation errors

Incorrect file format

ERP processing exceptions

Notifications can be sent through email or monitoring dashboards for failed transactions.

Benefits

End-to-End Automation

Eliminates manual retrieval and upload of acknowledgement files.

Improved Reconciliation

Ensures ERP reflects the actual bank processing status.

Faster Processing

Acknowledgements are processed automatically and available to finance teams sooner.

Enhanced Auditability

Provides complete traceability from payment initiation to acknowledgement confirmation.

Conclusion

This OIC integration automates the complete HSBC payment acknowledgement lifecycle by combining Oracle ERP BI Publisher reports, HSBC APIs, UCM file uploads, and ESS job processing. The additional validation step using a second BIP report ensures that acknowledgement files are successfully processed and reflected in ERP, providing a reliable and auditable payment reconciliation process.

OIC - OIC Common Utility Service – Cleanup Archive Files from Embedded SFTP server

Overview

As part of routine maintenance, Oracle Integration Cloud (OIC) embedded SFTP servers can accumulate a large number of archived files over time. These files consume storage and make file management difficult.

To address this, we developed a common utility integration that automatically removes archive files older than 30 days from the OIC Embedded SFTP server.

Business Requirement

Periodically clean up old archive files from the OIC Embedded SFTP server.

Retain only recent files for operational and audit purposes.

Automatically delete files older than 30 days.

Reduce manual maintenance effort.

Integration Flow

Scheduler Integration

The utility integration is triggered through an OIC Scheduler at a predefined interval (daily or weekly).

Scheduler

    ↓

Main Integration

    ↓

List Files from Embedded SFTP Root Directory

    ↓

Filter Files Older Than 30 Days

    ↓

For-Each File

    ↓

Delete File

    ↓

Log Processing Details

Implementation Details

Step 1: Scheduler Trigger

A scheduled integration initiates the cleanup process automatically based on the configured frequency.

Payload to send :

{

  "ProcessRequest": {

    "SystemName": "1234",

    "DateTime": "INTXXX",

    "ParentProcessId": "INTXXX",

    "ArchiveRootFolder": "INTXXX",

    "Attribute1": "PlaceHolder",

    "Attribute2": "PlaceHolder"

  }

}

Step 2: List Files

The integration connects to the OIC Embedded SFTP server and retrieves the list of files available under the root archive directory.

Step 3: Filter Files

For each file returned from the SFTP server:

Read the file's last modified date.

Compare it with the current date.

Calculate the age of the file.

Select files older than 30 days.

<xsl:if test="ns22:lastModifiedTime &lt; number(concat(floor(((xsd:dateTime(fn:current-dateTime()) - xsd:dayTimeDuration(concat('P',dvm:lookupValue('UTILITIES_CONFIG','Key',concat(substring-after(ns22:directory,$StringToGetInterfaceId_Var),'_RETENTION_PERIOD'),'Value',$DefaultRetentionPeriod_Var),'D'))) - xsd:dateTime('1970-01-01T00:00:00')) div xsd:dayTimeDuration('PT1S')),'000'))">

Step 4: Delete Files

A For-Each loop processes the filtered file list.

For every eligible file:

Verify the file exists.

Invoke the Delete File operation.

Record the deletion status for monitoring and auditing.

Step 5: Logging

The integration logs:

Total files scanned.

Total files identified for cleanup.

Successfully deleted files.

Failed deletion attempts, if any.

Benefits

Automated archive maintenance.

Reduced storage consumption.

Improved SFTP file management.

Eliminates manual cleanup activities.

Reusable utility service across multiple OIC projects.

#######Logic discussion#######

Assume:

Current Date = 05-Jun-2026

Retention Period = 30 days (from DVM)

File LastModifiedTime = 01-May-2026

Step 1: Get Retention Period

XML dvm:lookupValue(...)

Returns: 30

Step 2: Create Duration

XML concat('P',30,'D')

Result: P30D

(XML duration format = 30 Days)

Step 3: Subtract Retention Days from Current Date

XML current-dateTime() - xsd:dayTimeDuration('P30D')

Result: 05-Jun-2026 - 30 days = 06-May-2026

Step 4: Convert Cutoff Date to Epoch Seconds

XML (06-May-2026 - 01-Jan-1970) div PT1S

Result (example): 1778025600 seconds since 1970

Step 5: Convert to Epoch Milliseconds

XML concat(1778025600,'000')

Result: 1778025600000

Step 6: Compare File Timestamp

XML ns22:lastModifiedTime < 1778025600000

Suppose file timestamp is:

01-May-2026 = 1777593600000

Then: 1777593600000 < 1778025600000

Result: TRUE

Final Decision

✅ File is older than 30 days → Include in delete list.

In simple terms: If File Last Modified Date < (Today - 30 Days) Then Delete File

Conclusion

This common utility service provides a simple and effective solution for maintaining the OIC Embedded SFTP server by automatically deleting archive files older than 30 days. By leveraging OIC Scheduler, SFTP Adapter, and For-Each processing, organizations can keep their integration environment clean, efficient, and easier to manage.

OIC - OIC Agent Health Check Service Using OIC Monitoring API

In many Oracle Integration Cloud (OIC) implementations, on-premise and hybrid integrations depend heavily on Connectivity Agents. If an agent becomes unavailable, integrations may fail, causing business disruptions. To proactively monitor agent availability, we developed a reusable OIC Agent Health Check Service that leverages the OIC Monitoring REST API.

Objective

The purpose of this service is to:

Monitor Connectivity Agent Groups.

Verify agent health status.

Detect offline or unhealthy agents.

Provide a reusable monitoring framework across environments.

Support automated alerting and operational dashboards.

API Used

The service invokes the OIC Monitoring API:

Http

GET /ic/api/integration/v1/monitoring/agentgroups

Oracle docs reference:

https://docs.oracle.com/en/cloud/paas/application-integration/rest-api/op-ic-api-integration-v1-monitoring-agentgroups-get.html 

Dynamic Endpoint Mapping

To make the solution reusable across environments (DEV, SIT, UAT, PROD), the endpoint URL is dynamically constructed using OIC Lookup Values.

During the mapper stage:

Environment details are read from common lookups.

Runtime Base URL is fetched dynamically.

Runtime Service Instance is fetched dynamically.

Absolute Endpoint URL is generated.

API is invoked against the appropriate OIC instance.

This approach eliminates hardcoded URLs and simplifies migration across environments.

Benefits

Environment-independent design.

Easier deployment and maintenance.

Centralized configuration management.

Reduced migration effort.

Integration Flow

Step 1: Scheduled Trigger

The integration runs on a schedule (for example every 15 or 30 minutes).

Step 2: Build Monitoring Endpoint

Mapper constructs the endpoint using lookup values and environment configuration.

Step 3: Invoke OIC Monitoring API

The service calls:

Http

GET /ic/api/integration/v1/monitoring/agentgroups

Step 4: Parse Response

Response is parsed to retrieve:

Agent Group Name

Agent Identifier

Agent Status

Connectivity Information

Step 5: Evaluate Health Status

Business rules determine whether:

Agent is Active

Agent is Offline

Agent requires attention

Step 6: Generate Alert

If any agent is unavailable, notifications can be sent through:

Email

Microsoft Teams

Slack

Incident Management Systems

Sample Response Payload

JSON

{

  "items": [

    {

      "id": "AgentGroup01",

      "name": "FinanceAgentGroup",

      "status": "ACTIVE",

      "agents": [

        {

          "agentId": "Agent001",

          "agentName": "FIN_AGENT",

          "status": "ACTIVE"

        }

      ]

    },

    {

      "id": "AgentGroup02",

      "name": "HRAgentGroup",

      "status": "INACTIVE",

      "agents": [

        {

          "agentId": "Agent002",

          "agentName": "HR_AGENT",

          "status": "INACTIVE"

        }

      ]

    }

  ]

}

Note: The actual payload structure may vary depending on the OIC version and API response.

Key Advantages

Proactive monitoring of OIC Connectivity Agents.

Faster identification of connectivity issues.

Reduced integration downtime.

Reusable common utility service.

Dynamic environment handling through lookup-driven endpoint configuration.

Easy integration with enterprise monitoring solutions.

Conclusion

The OIC Agent Health Check Service provides a centralized and reusable mechanism for monitoring Connectivity Agent availability across environments. By combining the OIC Monitoring API with dynamic endpoint configuration through lookups, organizations can build a scalable monitoring solution that improves reliability, reduces operational effort, and enables proactive issue resolution before business integrations are impacted.

OIC - OIC Integration for User and Role Synchronization Between CORS and Workforce System (WFS)

Managing user access across systems is a common enterprise requirement. In this implementation, Oracle Integration Cloud (OIC) acts as the middleware between CORS and the Workforce System (WFS) to synchronize users and their roles.

Flow 1: WFS to CORS – User and Role Export

This scheduled OIC integration runs periodically to extract user information from WFS.

Process

1. OIC Scheduler triggers the integration.
2. Lists all available files from the WFS SFTP location.
3. For each file, downloads the content.
4. Writes the files to the OIC Embedded SFTP server.
5. Delete file from WFS SFTP.
6. CORS picks up the files using a service account.

Files Transferred:

• List of Users
• User with Roles

This flow ensures CORS always has the latest user and role information from WFS.

Flow 2: CORS to WFS – User Provisioning and Role Management

This integration exposes a REST API that allows CORS to request user provisioning or role assignment/removal in WFS.

Process

1. CORS sends user details and roles through a REST request.
2. OIC validates and transforms the data into the format required by WFS.
3. Creates the appropriate provisioning file.
4. Places the file in the WFS SFTP location for processing.

Supported Actions

• Create User
• Assign Role
• Remove Role

This approach provides a simple file-based integration mechanism while maintaining system decoupling.

Request feed:

{

  "users": {

    "ReqNo": "123123",

    "loginID": "user010",

    "UserEmail": "sendmail-test-discard@oracle.com",

    "Roles": [

      {

        "Action": "ADD",

        "RoleName": "Company General User"

      },

      {

        "Action": "REMOVE",

        "RoleName": "Company Roster Creator"

      }

    ]

  }

}

Response:

{

  "Status": "RECEIVED/ERROR",

  "Message": "",

  "users": {

    "ReqNo": "123123",

    "loginID": "user010",

    "UserEmail": "user010@oracle.com",

    "Roles": [

      {

        "Action": "ADD",

        "RoleName": "Project Administrator"

      },

      {

        "Action": "REMOVE",

        "RoleName": "Project Administrator"

      }

    ]

  }

}

File fileds required by wfs: <InterfaceNumber>_USER_ROLES_<datetime>

Flow 3: CORS to WFS – Provisioning Status Validation

After provisioning requests are submitted, CORS can verify the processing status through another REST service exposed by OIC.

Process

1. CORS sends the User ID and Role information.
2. OIC obtains an authentication token from WFS.
3. Calls WFS APIs to retrieve current users and assigned roles.
4. Compares the requested data with the actual data in WFS.

Response Logic

• Success – User exists and all requested roles are assigned.
• Pending – User exists but roles are not yet assigned.
• Error – User does not exist in WFS.

This validation mechanism provides real-time visibility into provisioning status and helps CORS track completion of access requests.

Request : same as previous flow 

Response:

{

  "users": [

    {

      "Status": "SUCCESS/ERROR/PENDING",

      "Message": "",

      "ReqNo": "123123",

      "loginID": "user010"

    }

  ]

}

Get Token:

Request payload: {"grant_type":""}

Response payload: {"access_token":""}

Mapping: map "client_credentials" to grant_type.

Get User Logs:

Sample response:

{

  "updateSequence": [

    {

      "recordId": "...",

      "dataChange": "MERGE",

      "userId": "...",

      "externalId": "21144",

      "generalRoles": [

        "TA-AS_EMPLOYEE",

        "TA-CHANGE_OWN_PASSWORD",

        "TA-DESKTOP_EMPLOYEE_TIME_OFF_REQUESTS",

        "TA-MOBILE_CLOCK_USER",

        "TA-MOBILE_USER"

      ],

      "groupRights": [

        {

          "id": "TA-2146425995",

          "roleId": "TA-DELEGATOR_GROUP",

          "type": "EMPLOYEE_GROUP"

        }

      ],

      "errors": [

        "You would have been more ..."

      ],

      "nextCursor": "..."

    }

  ]

}

Mapping:

1. Authorization : Bearer <token>

2. Count : 5000 (this limit is on the number of records to retrieve.)

Code logic for response:

Benefits

• Automated user and role synchronization.
• Secure file transfer through SFTP.
• REST-based provisioning interface.
• Real-time status validation.
• Reduced manual user administration effort.
• Reliable integration between CORS and WFS using Oracle Integration Cloud.

This blog provides an end-to-end overview of the user provisioning and role synchronization framework implemented using OIC between CORS and Workforce System (WFS).

OIC - Retry Mechanism in Oracle Integration Cloud (OIC)

In Oracle Integration Cloud (OIC), retry handling plays an important role in improving integration reliability when temporary failures occur during invoke calls. Oracle currently documents two different retry approaches that developers should understand while designing integrations.

1. Project-Level Retry Logic

Oracle Integration provides a configurable retry mechanism for invoke connections within Projects. This retry functionality is not automatically enabled for every integration by default. Once configured, developers can customize:

Number of retry attempts

Delay interval between retries

Default Configuration

By default, OIC provides:

3 retry attempts

5-second retry interval

This retry mechanism applies broadly to invoke connection faults, including:

Business faults

Runtime faults

This helps integrations recover automatically from temporary endpoint failures without immediately moving to faulted state.

Use Case

Suppose an external REST/SOAP endpoint becomes temporarily unavailable or experiences network instability. Instead of failing immediately, OIC retries the invoke operation automatically based on configured retry settings.

Oracle Documentation

https://docs.oracle.com/en/cloud/paas/application-integration/integrations-user/retry-invoke-connections-project.html?utm_source=chatgpt.com

2. REST Adapter Built-In Retry Handling

Apart from project-level retry logic, the REST Adapter itself contains built-in retry handling for specific error scenarios. This behavior is adapter-specific and implemented internally by Oracle.

The REST Adapter automatically retries for:

HTTP 504 errors

HTTP 502 errors (GET operations only)

HTTP 401 errors

SSL-related retryable exceptions

Adapter-classified retryable exceptions

For these scenarios, the REST Adapter performs up to 3 retry attempts automatically.

Important Note

This retry behavior is currently documented specifically for the REST Adapter. Oracle documentation does not confirm the same built-in retry implementation across all adapters.

Best Practice

Oracle recommends enabling instance retries when invoking REST endpoints that may encounter:

401 errors

429 throttling errors

50x server errors

This improves resiliency when working with unstable or rate-limited external services.

Oracle Documentation

https://docs.oracle.com/en/cloud/paas/application-integration/rest-adapter/troubleshoot-rest-adapter.html?utm_source=chatgpt.com

https://docs.oracle.com/en/cloud/paas/application-integration/rest-adapter/best-practices-invoking-rest-endpoints.html?utm_source=chatgpt.com

Conclusion

OIC provides retry handling at multiple levels:

Project-Level configurable retry mechanism

REST Adapter built-in automatic retries

Understanding both mechanisms helps developers design more resilient integrations and reduce failures caused by temporary network or endpoint issues.

When designing enterprise integrations, retry configuration should always be planned carefully to balance:

Reliability

Performance

Duplicate transaction prevention

External API limitations

Proper retry handling can significantly improve integration stability in real-world production environments.

OPC vs Unifier – Simple Understanding

OPC vs Unifier – Simple Understanding

Oracle Primavera Cloud (OPC) is mainly used for project execution and scheduling. It helps organizations manage project timelines, activities, milestones, resources, and overall project progress.

For example, 

project managers use OPC to track delayed activities, monitor schedules, and manage resource planning.

On the other hand, Oracle Primavera Unifier is used for business processes and workflow management. It handles approvals, budget management, invoices, contracts, change requests, and document workflows.

For example, 

finance or PMO teams use Unifier for contractor approvals, budget approvals, and project-related business processes.

In simple terms:

OPC focuses on project scheduling and execution

Unifier focuses on business workflows and approvals

Both applications are often integrated using Oracle Integration Cloud to synchronize project and business data across systems.