web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate / Oracle JWT integration...
Power Automate
Suggested Answer

Oracle JWT integration with power Automate

(1) ShareShare
ReportReport
Posted on by
Hi Community,

I would appreciate some help or guidance in this.
I am trying to understand that the application authenticates to Oracle SME (Fusion Cloud) REST APIs using JSON Web Token (JWT) based authentication, as defined by RS256.
Using Cloud function generated Json Web Token and it's working fine while testing with in Postman API call to Oracle end point using Authorization as Bearer<token>.
While Integrating the JWT in Power automate using Cloud function URL Json Web Token got generated and while using generated JWT as Authorization Bearer<token> in HHTP call to Oracle Fusion Endpoint it's failing as Unauthorized.
 
Within Power Automate, the JWT generation and API call will be implemented as follows:
1.
The private key required for signing the JWT will be securely stored as Secret Manager.
2. Generate JWT Token Using Cloud function(Compose/Custom Action):
Build the JWT Header (JSON → Base64URL encode).
Build the JWT Payload with iss, prn, sub, iat, exp (JSON → Base64URL encode).
Sign the concatenated string with the private key using RS256 → produce the Signature.
Final token: base64url(header).base64url(payload).base64url(signature).
3.Use an HTTP action in Power Automate to call required endpoint:
Method: GET / POST (as required by the Oracle endpoint)
URL: https://<oracle-host>/path/to/api/endpoint
Headers:
Authorization: Bearer <JWT_TOKEN>
Content-Type: application/json.
 
 

Could you please review the above approach and confirm if this aligns with the recommended pattern? Additionally, I would appreciate any suggestions, best practices, or considerations—especially regarding JWT generation within Power Automate —that we should incorporate.

 

Thank you

Categories:
I have the same question (0)
  • Suggested answer
    11manish Profile Picture
    3,347 on at
    Since the same JWT works in Postman but fails only from Power Automate, the authentication mechanism is likely correct. The next step is to compare the raw HTTP request from both clients and verify that:
    • The exact JWT is being passed.
    • The Authorization header is correctly formatted.
    • The HTTP method, URL, headers, and body are identical.
    If everything matches, sharing the HTTP action configuration (with sensitive values masked) and the 401 response body from Oracle would help identify whether the issue is related to the request formatting, JWT claims, or an Oracle-specific authentication requirement.
  • Suggested answer
    Valantis Profile Picture
    6,778 on at
     
    Since the same JWT works in Postman but fails from Power Automate, the approach is architecturally correct. The issue is almost certainly one of these:

    1. Token expiry timing. The JWT is generated, then by the time the HTTP action fires in Power Automate there may be enough delay that iat/exp claims are outside Oracle's tolerance window.
    Oracle Fusion is strict about clock skew. Decode the token Power Automate is actually sending (Compose the Authorization header value and check run history) and verify exp is still in the future when Oracle receives it.

    2. Authorization header formatting. Power Automate's HTTP action has a built-in Authentication setting in the action properties. If you're also manually adding Authorization as a header, they can conflict or double-set the header. Set authentication to None in the action properties, and add Authorization: Bearer <token> manually in the Headers section only.

    3. Token not being passed correctly. Add a Compose action in the flow that outputs exactly what goes into the Authorization header. Check the run history of that Compose to confirm the token value matches what worked in Postman, including no extra whitespace or line breaks from Base64 encoding.

    The architecture (Cloud Function generates JWT, Power Automate HTTP action calls Oracle with Bearer header) is correct per the pattern Microsoft documents for custom JWT auth. The failure is in the execution detail, not the design.
     
      Best regards,

    Valantis   ✅ If this helped solve your issue, please Accept as Solution so others can find it quickly.

    ❤️ If it didn’t fully solve it but was still useful, please click “Yes” on “Was this reply helpful?” or leave a Like :).

    🏷️ For follow-ups  @Valantis.

    📝 https://valantisond365.com/ 💼 LinkedIn ▶️ YouTube

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Season of Sharing Community Challenge Launch!

Jump in, show your community spirit, and win prizes!

Kudos to our 2025 Community Spotlight Honorees

Expanding mentorship, skilling, and AI innovation

Congratulations to the May Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Automate

#1
Valantis Profile Picture

Valantis 284

#2
11manish Profile Picture

11manish 257

#3
David_MA Profile Picture

David_MA 192 Super User 2026 Season 1

Last 30 days Overall leaderboard