Exposing Oracle EBS Data Through ORDS REST APIs

Modernizing EBS Access With REST

Oracle E-Business Suite was built for Forms-based interaction, but modern applications need REST APIs to integrate with mobile apps, cloud services, and other systems. Oracle REST Data Services (ORDS) can be deployed alongside EBS to expose EBS data and operations as RESTful endpoints without modifying the EBS codebase.

Architecture Overview

Deploy ORDS against the EBS database, connecting to a custom schema (not APPS directly) that has select grants on the EBS views and execute grants on the public APIs you want to expose. This custom schema acts as an API gateway layer, providing a security boundary between REST consumers and the EBS internals.

-- Custom schema setup
CREATE USER ebs_rest_api IDENTIFIED BY "SecurePass123";
GRANT CONNECT, RESOURCE TO ebs_rest_api;

-- Grant read access to specific EBS views
GRANT SELECT ON apps.hz_cust_accounts TO ebs_rest_api;
GRANT SELECT ON apps.ra_customers TO ebs_rest_api;
GRANT SELECT ON apps.oe_order_headers_all TO ebs_rest_api;

-- Grant execute on APIs you want to expose
GRANT EXECUTE ON apps.oe_order_pub TO ebs_rest_api;

Creating REST Endpoints

Use ORDS to define REST modules in the custom schema:

-- Customer lookup endpoint
BEGIN
    ORDS.DEFINE_MODULE(
        p_module_name => 'ebs',
        p_base_path   => '/ebs/v1/'
    );

    ORDS.DEFINE_TEMPLATE(
        p_module_name => 'ebs',
        p_pattern     => 'customers/:customer_id'
    );

    ORDS.DEFINE_HANDLER(
        p_module_name => 'ebs',
        p_pattern     => 'customers/:customer_id',
        p_method      => 'GET',
        p_source_type => ORDS.SOURCE_TYPE_COLLECTION_ITEM,
        p_source      => 'SELECT customer_id, customer_name, account_number,
                                 customer_type, status
                            FROM apps.ra_customers
                           WHERE customer_id = :customer_id'
    );
    COMMIT;
END;

Handling EBS Context in REST Calls

EBS APIs require APPS_INITIALIZE context. Create wrapper procedures in your custom schema that set up the context before calling EBS APIs and return JSON results:

CREATE OR REPLACE PROCEDURE create_sales_order_rest(
    p_order_json IN CLOB,
    p_result     OUT CLOB
) IS
BEGIN
    FND_GLOBAL.APPS_INITIALIZE(l_user_id, l_resp_id, l_appl_id);
    MO_GLOBAL.SET_POLICY_CONTEXT('S', l_org_id);
    -- Parse JSON, call OE_ORDER_PUB, return results as JSON
END;

Security Considerations

Always authenticate REST consumers using OAuth2 or API keys configured in ORDS. Never expose APPS schema directly. Limit the custom schema’s grants to the minimum required views and APIs. Log all REST calls for audit purposes. Rate-limit endpoints that invoke write APIs to prevent abuse.

martin

Administrator

Visit Website View All Posts

Leave a Reply Cancel reply

Related Stories

Oracle EBS to Cloud Migration: Coexistence Patterns With REST and OIC

Oracle EBS Flexfields: Understanding and Querying Descriptive and Key Flexfields

Oracle EBS Concurrent Programs: Scheduling and Monitoring From PL/SQL

You May Have Missed

Debugging APEX Like a Pro: APEX_DEBUG and the Debug Toolbar

Building a Dark Mode Toggle for Universal Theme

Client Side Validation in APEX Without a Round Trip

Five APEX URL Tricks Every Developer Should Memorize