Create a Connection

Before you can build an integration, you must create the connections to the applications with which you want to share data.

Note:

You can also create a connection in the integration canvas. See why working with projects is preferred.

To create a connection in Oracle Integration:

Decide where to start:
- Work in a project (see why working with projects is preferred).
  1. In the navigation pane, click Projects.
  2. Select the project name.
  3. Click Integrations .
  4. In the Connections section, click Add if no connections currently exist or + if connections already exist. The Create connection panel opens.
- Work outside a project.
  1. In the navigation pane, click Design, then Connections.
  2. Click Create. The Create connection panel opens.
Select the adapter to use for this connection. To find the adapter, scroll through the list, or enter a partial or full name in the Search field.

Enter the information that describes this connection.

Element	Description
Name	Enter a meaningful name to help others find your connection when they begin to create their own integrations.
Identifier	Automatically displays the name in capital letters that you entered in the Name field. If you modify the identifier name, don't include blank spaces (for example, `SALES OPPORTUNITY`).
Role	Select the role (direction) in which to use this connection. Note: Only the roles supported by the adapter you selected are displayed for selection. Some adapters support all role combinations (trigger, invoke, or trigger and invoke). Other adapters support fewer role combinations. When you select a role, only the connection properties and security policies appropriate to that role are displayed on the Connections page. If you select an adapter that supports both invoke and trigger, but select only one of those roles, you'll get an error when you try to drag the adapter into the section you didn't select. For example, assume you configure a connection for the Oracle Service Cloud (RightNow) Adapter as only an invoke. Dragging the adapter to a trigger section in the integration produces an error.
Keywords	Enter optional keywords (tags). You can search on the connection keywords on the Connections page.
Description	Enter an optional description of the connection.
Share with other projects	Note: This field only appears if you are creating a connection in a project. Select to make this connection publicly available in other projects. Connection sharing eliminates the need to create and maintain separate connections in different projects. When you configure an adapter connection in a different project, the Use a shared connection field is displayed at the top of the Connections page. If the connection you are configuring matches the same type and role as the publicly available connection, you can select that connection to reference (inherit) its resources. See Add and Share a Connection Across a Project.

Click Create.

Your connection is created. You're now ready to configure the connection properties, security policies, and (for some connections) access type.
Follow the steps to configure a connection.
The connection property and connection security values are specific to each adapter. Your connection may also require configuration with an access type such as a private endpoint or an agent group.
Test the connection.

Configure Connection Properties

Enter connection information so your application can process requests.

Go to the Properties section.
In the Bootstrap Servers field, specify the host and port to use to connect to a list of Kafka brokers. A Kafka cluster consists of one or more servers (Kafka brokers) running Kafka. Producers are processes that publish data (push messages) to Kafka topics within the broker. A consumer of topics pulls messages from a Kafka topic.
You cannot enter multiple bootstrap servers for one Apache Kafka Adapter connection.

Configure Connection Security

Configure security for your Apache Kafka Adapter connection by selecting the security policy and security token.

Go to the Security section.

Select the security policy.

Security Policy	Description
SASL PLAIN over SSL	Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols. It separates authentication mechanisms from application protocols to enable any authentication mechanism supported by SASL to be used in any application protocol that uses SASL. Plain-text authentication assumes that the user name and password are submitted to the server in clear text. Therefore, this authentication method is only considered secure when using an encrypted connection. This security policy enables you to use SASL Plain with SSL encryption.
SASL OAuth (Client Credentials)	SASL can be used as an authentication method in a variety of protocols, including OAuth. OAuth client credentials enable HTTP authorization schemes in the OAuth framework to be used within the SASL framework. A client authenticates to an OAuth authorization server over HTTPS, which issues tokens after successfully authenticating the resource owner. The obtained token may then be presented in an OAuth-authenticated request to the resource server.
TLS	Transport Layer Security (TLS) is a cryptographic protocol that provides end-to-end security of data sent between applications over the Internet.
Mutual TLS	Mutual TLS is a security practice that uses client TLS certificates to provide an additional layer of protection that allows client information to be cryptographically verified. Mutual TLS enables the server to authenticate the identity of the client.
No Security Policy	Do not use any security policy.
SASL OAuth (Client Credentials using JWT Client Assertion)	SASL can be used as an authentication method in a variety of protocols, including OAuth. OAuth JWT client assertions enable HTTP authorization schemes in the OAuth framework to be used within the SASL framework. A JWT client assertion is produced by creating a JSON payload and then signing it with a private key.
SASL PLAIN	Use SASL Plain without SSL encryption.

Based on your security policy selection, enter the following details:

If You Selected...	Specify These Details...
SASL OAuth (Client Credentials)	Access Token URI: Provide the request URI to obtain the access token. Client ID: Provide the client ID to identify the client making the request. Client Secret: Provide the client secret to identify the client making the request. (Optional) Client Secret: Provide the scope. Note: Refer to the documentation provided by your service provider for instructions on how to configure these fields.
SASL PLAIN over SSL This option enables you to use direct connectivity and eliminates the need to perform the procedures described Configure the Endpoint Access Type.	SASL Username: Enter the SASL username. SASL Password and Confirm SASL Password: Enter the password, then enter it a second time to confirm. TrustStore: Select the check box, then click Upload to upload the truststore. KeyStore: Select the check box, then click Upload to upload the keystore. TrustStore password and Confirm TrustStore password: Enter the password, then enter it a second time to confirm. KeyStore password and Confirm KeyStore password: Enter the password, then enter it a second time to confirm.
TLS	TrustStore: Select the check box, then click Upload to upload the truststore. TrustStore password and Confirm TrustStore password: Enter the password, then enter it a second time to confirm.
Mutual TLS	TrustStore: Select the check box, then click Upload to upload the truststore. KeyStore: Select the check box, then click Upload to upload the keystore. TrustStore password and Confirm TrustStore password: Enter the password, then enter it a second time to confirm. KeyStore password and Confirm KeyStore password: Enter the password, then enter it a second time to confirm. Key password and Confirm Key password: Enter the password, then enter it a second time to confirm.
SASL OAuth (Client Credentials using JWT Client Assertion)	Access Token URI: Provide the request URI to obtain the access token. JWT headers in JSON format: Upload the JSON-formatted JWT headers. JWT payload in JSON format: Upload the JSON-formatted payload. JWT Private Key: Upload the JWT private key. (Optional) JWT Private Key Password: Enter the JWT password. (Optional) Scope: Enter the scope. Note: Refer to the documentation provided by your service provider for instructions on how to configure these fields.
SASL PLAIN	SASL Username: Enter the SASL username. SASL Password and Confirm SASL Password: Enter the password, then enter it a second time to confirm.

Configure the Endpoint Access Type

Configure access to your endpoint. Depending on the capabilities of the adapter you are configuring, options may appear to configure access to the public internet, to a private endpoint, or to an on-premises service hosted behind a fire wall.

Select the Endpoint Access Type

Go to the Access type section.

Select the option for accessing your endpoint.

Option	This Option Appears If Your Adapter Supports ...
Public gateway	Connections to endpoints using the public internet.
Private endpoint	Connections to endpoints using a private virtual cloud network (VCN). Note: To connect to private endpoints, you must complete prerequisite tasks in the Oracle Cloud Infrastructure Console. Failure to do so results in errors when testing the connection. See Connect to Private Resources in Provisioning and Administering Oracle Integration 3 and Troubleshoot Private Endpoints in Using Integrations in Oracle Integration 3.
Connectivity agent	Connections to on-premises endpoints through the connectivity agent. Click Associate agent group. The Associate agent group panel appears. Select the agent group, and click Use. To configure an agent group, you must download and install the on-premises connectivity agent. See Download and Run the Connectivity Agent Installer and About Creating Hybrid Integrations Using Oracle Integration in Using Integrations in Oracle Integration 3.

Option

This Option Appears If Your Adapter Supports ...

Public gateway

Connections to endpoints using the public internet.

Private endpoint

Connections to endpoints using a private virtual cloud network (VCN).

Note: To connect to private endpoints, you must complete prerequisite tasks in the Oracle Cloud Infrastructure Console. Failure to do so results in errors when testing the connection. See Connect to Private Resources in Provisioning and Administering Oracle Integration 3 and Troubleshoot Private Endpoints in Using Integrations in Oracle Integration 3.

Connectivity agent

Connections to on-premises endpoints through the connectivity agent.

Click Associate agent group.

The Associate agent group panel appears.
Select the agent group, and click Use.

To configure an agent group, you must download and install the on-premises connectivity agent. See Download and Run the Connectivity Agent Installer and About Creating Hybrid Integrations Using Oracle Integration in Using Integrations in Oracle Integration 3.

Ensure Private Endpoint Configuration is Successful

To connect to private endpoints, you must complete prerequisite tasks in the Oracle Cloud Infrastructure Console. Failure to do so results in errors when testing the connection. See Connect to Private Resources in Provisioning and Administering Oracle Integration 3.
When configuring an adapter on the Connections page to connect to endpoints using a private network, specify the fully-qualified domain name (FQDN) and not the IP address. If you enter an IP address, validation fails when you click Test.
IPSec tunneling and FastConnect are not supported for use with private endpoints.

Test the Connection

Test your connection to ensure that it's configured successfully.

In the page title bar, click Test. What happens next depends on whether your adapter connection uses a Web Services Description Language (WSDL) file. Only some adapter connections use WSDLs.

If Your Connection...	Then...
Doesn't use a WSDL	The test starts automatically and validates the inputs you provided for the connection.
Uses a WSDL	A dialog prompts you to select the type of connection testing to perform: Validate and Test: Performs a full validation of the WSDL, including processing of the imported schemas and WSDLs. Complete validation can take several minutes depending on the number of imported schemas and WSDLs. No requests are sent to the operations exposed in the WSDL. Test: Connects to the WSDL URL and performs a syntax check on the WSDL. No requests are sent to the operations exposed in the WSDL.

If Your Connection...

Then...

Doesn't use a WSDL

The test starts automatically and validates the inputs you provided for the connection.

Uses a WSDL

A dialog prompts you to select the type of connection testing to perform:

Validate and Test: Performs a full validation of the WSDL, including processing of the imported schemas and WSDLs. Complete validation can take several minutes depending on the number of imported schemas and WSDLs. No requests are sent to the operations exposed in the WSDL.
Test: Connects to the WSDL URL and performs a syntax check on the WSDL. No requests are sent to the operations exposed in the WSDL.

Wait for a message about the results of the connection test.
- If the test was successful, then the connection is configured properly.
- If the test failed, then edit the configuration details you entered. Check for typos and verify URLs and credentials. Continue to test until the connection is successful.
When complete, click Save.