Weird connectivity problem with connecting ICS to REST Service on Application Container cloud: HTT 502

In this article I am trying to create a connection from ICS to a REST Service. That should be the easiest thing in the world for ICS, right? It is a little bit special – although ICS should not have to worry about that – because the REST service runs on a different Oracle PaaS service: the Application Container Cloud and reaches out to a third PaaS service: a DBaaS instance. The DataApi application is running fine (introduced in this article:  REST API on Node.js and Express for data retrieved from Oracle Database with node-oracledb Database Driver running on Application Container Cloud) and happily retrieving data from the DBaaS instance. What I am trying to do is shown in this figure:

Specifically, I am trying to create the ICS integration that links to the REST DataApi service and exposes it to a specific audience or with a specific interface.

By all accounts, this should be simple to do. The REST API is dead easy. No security policies are enforced – the REST API can be accessed by anyone, from anywhere. Unfortunately, as we will see, ICS has a problem with this. And even more unfortunate is the fact that I have not yet solved it – although I have a suspicion.

In ICS, I create a new connection, called HRM_RESTAPI_onAppContainerCloud.

I click on Configure Connectivity, to do exactly that:

I enter the URL at which the REST service can be accessed – the URL that works from my local laptop.

Because no security policies are enforced for this REST service, I need to specify that in the Configure Credentials dialog:

Press OK.

The Connection is now configured. Press Test, to verify that the information is correct.

At this point – after waiting quite a long time, probably for a time out to occur – I run into a weird and for me inexplicable error. A publicly accessibly REST Service. Nothing complex about it. And ICS cannot reach it. The error: HTTP 502 and CASDK-0005 are related it seems to the proxy that does not seem to allow for the call to be made. If I interpret this correctly, it means that from within my ICS instance, an HTTP request to my REST service, running in my Application Container Cloud instance, is not allowed.

What might be involved here is the fact that:

• ICS and Application Container Cloud are running in different identity domains (although the REST service is publicly accessible from outside its identity domain)
• ICS and Application Container Cloud are running in different Data Centers; ICS is running in US2 and Application Container Cloud (as well as the underlying DBaaS instance) are running in EMEA2

I do not believe that these conditions should be prohibitive: I cannot think of a good reason why ICS (on US2) should be unable to access a service running on EMEA2. So perhaps this is not the reason at all.

If anyone can help me with this: why do I get HTTP 502 upon testing this connection? I would be grateful. By all means, if you have an ICS instance, try to connect to https://data-api-lucasjellema.apaas.em2.oraclecloud.com/departments and let me know if you were able to create and test this connection.