Create a Connection

Before you can build an integration, you must create the connections to the applications with which you want to share data.

Note:

You can also create a connection in the integration canvas. See Define Inbound Triggers, Outbound Invokes, and Actions.

To create a connection in Oracle Integration:

  1. Decide where to start:
    • Work in a project (see why working with projects is preferred).
      1. In the navigation pane, click Projects.
      2. Select the project name.
      3. Click Integrations Integrations icon.
      4. In the Connections section, click Add if no connections currently exist or + if connections already exist. The Create connection panel opens.
    • Work outside a project.
      1. In the navigation pane, click Design, then Connections.
      2. Click Create. The Create connection panel opens.

  2. Select the adapter to use for this connection. To find the adapter, scroll through the list, or enter a partial or full name in the Search field.

  3. Enter the information that describes this connection.
    Element Description
    Name

    Enter a meaningful name to help others find your connection when they begin to create their own integrations.

    Identifier

    Automatically displays the name in capital letters that you entered in the Name field. If you modify the identifier name, don't include blank spaces (for example, SALES OPPORTUNITY).

    Role

    Select the role (direction) in which to use this connection.

    Note: Only the roles supported by the adapter you selected are displayed for selection. Some adapters support all role combinations (trigger, invoke, or trigger and invoke). Other adapters support fewer role combinations.

    When you select a role, only the connection properties and security policies appropriate to that role are displayed on the Connections page. If you select an adapter that supports both invoke and trigger, but select only one of those roles, you'll get an error when you try to drag the adapter into the section you didn't select.

    For example, assume you configure a connection for the Oracle Service Cloud (RightNow) Adapter as only an invoke. Dragging the adapter to a trigger section in the integration produces an error.

    Keywords

    Enter optional keywords (tags). You can search on the connection keywords on the Connections page.
    Description

    Enter an optional description of the connection.
    Share with other projects

    Note: This field only appears if you are creating a connection in a project.

    Select to make this connection publicly available in other projects. Connection sharing eliminates the need to create and maintain separate connections in different projects.

    When you configure an adapter connection in a different project, the Use a shared connection field is displayed at the top of the Connections page. If the connection you are configuring matches the same type and role as the publicly available connection, you can select that connection to reference (inherit) its resources.

    See Add and Share a Connection Across a Project.

  4. Click Create.

    Your connection is created. You're now ready to configure the connection properties, security policies, and (for some connections) access type.

  5. Follow the steps to configure a connection.

    The connection property and connection security values are specific to each adapter. Your connection may also require configuration with an access type such as a private endpoint or an agent group.

  6. Test the connection.

Configure Connection Properties for Invoke Connections

Configure connection security to invoke a protected target service with the REST Adapter.

  1. Go to the Properties section.
  2. Specify the following details.
    Element Description

    Connection Type
    Select the type to use:

    • REST API Base URL

    • Open API (1.0/2.0/3.0) URL

    Connection URL

    Specify the endpoint URL to use based on your selection in the Connection Type field. The connection URL can be both HTTP and HTTPS.

    Note: Do not include a trailing forward slash (/) at the end of the REST API Base URL or Open API URL.

    • REST API Base URL
      https://hostname:port/ic/api/integration/v1/flows/rest/INTEGRATION_NAME/v01
    • For Open API (1.0/2.0/3.0) URL:
      https://hostname:port/ic/api/integration/v1/flows/rest/INTEGRATION_NAME/v1/metadata/openapi

    TLS Version

    (Under Optional properties.)

    If no value is selected, the default value used for outbound connections is Transport Layer Security (TLS) version 1.3. It's up to your discretion and the end application's requirements to select either TLS version 1.2 or 1.1 as the default.

    • TLSv1.1

    • TLSv1.2

    TLSv1 is no longer supported. If you previously configured a connection in a version prior to Oracle Integration 3 to use TLSv1.1, either update the connection by not selecting a value for this field or select TLSv1.2.

    The TLS protocol provides privacy and data integrity between two communicating computer applications.

    For trigger-only connections, you cannot select a TLS version. Oracle Integration accepts what it receives as long as it's TLSv1.1 or TLSv1.2.

    Enable two way SSL for outbound connections (Optional)

    (Under Optional properties.)

    If you are configuring the REST Adapter for use with a two-way SSL-enabled server, select Yes.

    .

    Identity keystore alias name (Optional)

    (Under Optional properties.)

    Enter the key alias name from the keystore file that you specified when importing the identity certificate.

    The alias name to provide must match the name provided for the private key entry in the JKS file.

    Note:

    The Metadata Catalog URL, Swagger Definition URL, and RAML Definition URL connection types are no longer available. Developers with a REST API that is described using RAML or the Oracle metadata catalog must take specific actions. See Differences from Prior Versions of Oracle Integration in What's New for Oracle Integration 3.

Configure Connection Security

Configure security for your REST Adapter connection by selecting the security policy and specifying the required details.

  1. Go to the Security section.
  2. Select the security policy to use. If you selected the Invoke role or the Trigger and Invoke role during REST Adapter connection creation, the page is refreshed to display various login credential fields. You must already have created your client application to complete the necessary fields.

    The following security policy restrictions apply when configuring a REST Adapter connection with the trigger and invoke role on the Connections page:

    • If you select Basic Authentication, it can be used as a trigger and an invoke.
    • If you select any other security policy, it can only be used as an invoke. Dragging the connection to the trigger area causes an exception error to be displayed.
    • For existing integrations, the above restrictions do not apply when editing the REST Adapter in the Adapter Endpoint Configuration Wizard.

    Note:

    The following standard OAuth security policies are implemented to work with providers that are implemented as illustrated in RFC 6749.
    • OAuth Resource Owner Password Credentials
    • OAuth Client Credentials

    In case the standard policy doesn't work, it is recommended that you use the OAuth Custom Two Legged or OAuth Custom Three Legged security policy.

Configure Security Policies for Trigger Connections

Selected Security Policy Description Fields
OAuth2.0
  • Supports HTTP bearer authentication.
  • The client should send the OAuth 2.0 bearer token in the HTTP headers.

See Authenticate Requests for Invoking Oracle Integration Flows.

No fields are displayed.
Basic Authentication
  • Supports HTTP basic authentication.
  • The client should send the user name/password in the HTTP headers.
 No fields are displayed.
OAuth 2.0 or Basic Authentication The client can use any of the OAuth 2.0 bearer tokens or the HTTP Basic Authentication header. No fields are displayed.

Configure Security Policies for Invoke Connections

Note:

OAuth Authorization Code Credentials, OAuth Custom Three Legged Flow, and OAuth Custom Two Legged Flow security types, the connection is only successful after you click the Provide Consent button. Configuring all the details alone is not sufficient.

Note:

Testing a REST Adapter connection configured with the HTTP basic authentication security policy and a role connection of Trigger and Invoke or Invoke does not validate the credentials and simply opens a connection to the provided URL. To validate the endpoint and credentials, the REST Adapter must invoke an API that is idempotent.
Selected Security Policy Fields

AWS Signature Version 4

Note: You can use this security policy with the connectivity agent for scenarios in which you need to invoke AWS APIs hosted in an on-premises environment.

  • Access Key — Enter the key obtained when you created your Amazon security credentials.

  • Secret Key — Enter the key obtained when you created your Amazon security credentials.

  • Confirm Secret Key — Enter the key a second time.

  • AWS Region — Select the region in which the AWS server is hosted.

  • Service Name — Select the AWS service to which to connect.

Basic Authentication

  • Username — The name of a user who has access to the destination web service.

  • Password — Enter the password.

  • Confirm Password — Reenter the password.

OAuth Client Credentials

  • Access Token URI — The URL from which to obtain the access token.

  • Client Id — The client identifier issued to the client during the registration process.

  • Client Secret — The client secret.

  • Confirm Client Secret — Reenter the client secret.

  • Scope — The scope of the access request. Scopes enable you to specify which type of access you need. Scopes limit access for the OAuth token. They do not grant any additional permission beyond that which the user already possesses.

  • Auth Request Media Type — The format of the data you want to receive. This is an optional parameter that can be kept blank. For example, if you are invoking Twitter APIs, you do not need to select any type.

  • Client Authentication — You can optionally configure OAuth flows with client authentication. This is similar to the Postman user interface feature for configuring client authentication.

    • Send client credentials as basic auth header: Pass the client ID and client secret in the header as basic authentication.
    • Send client credentials in body: Pass the client ID and client secret in the body as form fields.

OAuth Resource Owner Password Credentials

  • Access Token URI — The URL from which to obtain the access token.

  • Client Id — The client identifier issued to the client during the registration process.

  • Client Secret — The client secret.

  • Confirm Client Secret — Reenter the client secret.

  • Scope — The scope of the access request. Scopes enable you to specify which type of access you need. Scopes limit access for the OAuth token. They do not grant any additional permission beyond that which the user already possesses.

  • Auth Request Media Type — The format of the data you want to receive.

  • Username — The resource owner’s user name.

  • Password — The resource owner’s password.

  • Confirm Password — Reenter the password.

  • Client Authentication — You can optionally configure OAuth flows with client authentication. This is similar to the Postman user interface feature for configuring client authentication.

    • Send client credentials as basic auth header: Pass the client ID and client secret in the header as basic authentication.
    • Send client credentials in body: Pass the client ID and client secret in the body as form fields.
OAuth Authorization Code Credentials

  • Client Id — The client identifier issued to the client during the registration process.

  • Client Secret — The client secret.

  • Confirm Client Secret — Reenter the client secret.

  • Authorization Code URI — The URI from which to request the authorization code.

  • Access Token URI — URI to use for the access token.

  • Scope — The scope of the access request. Scopes enable you to specify which type of access you need. Scopes limit access for the OAuth token. They do not grant any additional permission beyond that which the user already possesses.

  • Client Authentication — You can optionally configure OAuth flows with client authentication. This is similar to the Postman user interface feature for configuring client authentication.

    • Send client credentials as basic auth header: Pass the client ID and client secret in the header as basic authentication.
    • Send client credentials in body: Pass the client ID and client secret in the body as form fields.

OAuth Custom Three Legged Flow

See Configure the REST Adapter to Consume a REST API Protected with OAuth Custom Three Legged Flow Token-Based Authentication to learn more about this security policy.

  • Authorization Request — The client application URL to which you are redirected when you provide consent. The authorization server sends a callback to Oracle Integration to obtain an access token for storage. When you create your client application, you must register a redirect URI where the client application is listening.
    authorization_URI?query_parameters
    If you don't want to enter values in clear text for this field, do the following:
    • Specify the syntax using an available parameter: ${security_field_1} through ${security_field_4} (for example, define scopes as &scope=${security_field_1}). See Data Obfuscation Support.
    • Expand Optional security and enter the actual values for the parameters you used. To prevent detection, the values you enter are obfuscated. See Security Fields 1 - 4.

  • Access Token Request — The access token request to use to fetch the access token. Specify the request using CURL syntax. For example: 

    -X POST method -H headers -d string_data access_token_uri?query_parameters
    If you don't want to enter values in clear text for this field, do the following:
    • Specify the syntax using an available parameter: ${security_field_1} through ${security_field_4} (for example, define the client ID as &client_id=${security_field_3}).
    • Expand Optional security and enter the actual values for the parameters you used. To prevent detection, the values you enter are obfuscated. See Security Fields 1 - 4.

  • Refresh Token Request — The refresh token request to use to fetch the access token. This request refreshes the access token if it expires. Specify the request using CURL syntax. For example 

    -X POST method -H headers -d string_data refresh_token_uri?query_parameters
    If you don't want to enter values in clear text for this field, do the following:
    • Specify the syntax using an available parameter: ${security_field_1} through ${security_field_4} (for example, define client ID as &client_id=${security_field_2}).
    • Expand Optional security and enter the actual values for the parameters you used. To prevent detection, the values you enter are obfuscated. See Security Fields 1 - 4.
  • Sauth_code — Use regex to identify the authorization code.
    code
  • Saccess_token — Use a regular expression (regex) to retrieve the access token.
    access.[tT]oken
  • Srefresh_token — Use regex to retrieve the refresh token.
    refresh.[tT]oken
  • Sexpiry — Use regex to identify when the access token expires.
    expires_in

  • Stoken_type — Use regex to identify the access token type. 

    token.?[tT]ype

  • access_token_usage — Specify how to pass the token as multiple headers or multiple query parameters to access a protected resource. You cannot pass a mix of headers and query parameters.

    For headers:

    -H Authorization: ${token_type} ${access_token} -H validity: 30000 -H signature: ok

    You can optionally specify quotes for headers:

    -H 'Authorization: ${token_type} ${access_token}' -H 'validity: 30000' -H 'signature: ok'

    For query parameters:

    ?token=${access_token}&validity=3000&signature=ok

  • Security Fields 1 - 4

    Enter the actual values for any parameters you used. To prevent detection, the values you enter are obfuscated.

    • Security Field 1 — Enter the value for the ${security_field_1} parameter.

    • Security Field 2 — Enter the value for the ${security_field_2} parameter.

    • Security Field 3 — Enter the value for the ${security_field_3} parameter.

    • Security Field 4 — Enter the value for the ${security_field_4} parameter.

OAuth Custom Two Legged Flow

See Configure the REST Adapter to Consume a REST API Protected with OAuth Custom Two Legged Token-Based Authentication to learn more about this security policy.

  • Access Token Request — The access token request to use to fetch the access token. Specify the request using CURL syntax. For example: 

    -X POST method -H headers -d string_data access_token_uri?query_parameters
    If you don't want to enter values in clear text for this field, do the following:
    • Specify the syntax using an available parameter: ${security_field_1} through ${security_field_4} (for example, define client ID as &client_id=${security_field_1}). See Data Obfuscation Support.
    • Expand Optional security and enter the actual values for the parameters you used. To prevent detection, the values you enter are obfuscated. See Security Fields 1 - 4.

  • Refresh Token Request — The refresh token request to use to fetch the access token. This request refreshes the access token if it expires. Specify the request using CURL syntax. For example 

    -X POST method -H headers -d string_data refresh_token_uri?query_parameters
    If you don't want to enter values in clear text for this field, do the following:
    • Specify the syntax using an available parameter: ${security_field_1} through ${security_field_4} (for example, define the client secret as &client_secret=${security_field_3}). See Data Obfuscation Support.
    • Expand Optional security and enter the actual values for the parameters you used. To prevent detection, the values you enter are obfuscated. See Security Fields 1 - 4.
  • Saccess_token — Use regex to identify the access token.
    access.[tT]oken
  • Srefresh_token — Use regex to identify the refresh token.
    refresh.[tT]oken
  • Sexpiry — Use regex to identify when the access token expires.
    expires_in
  • Stoken_type — Use regex to identify the access token type.
    token.?[tT]ype

  • access_token_usage — Specify how to pass the token as multiple headers or multiple query parameters to access a protected resource. You cannot pass a mix of headers and query parameters.

    For headers:

    -H Authorization: ${token_type} ${access_token} -H validity: 30000 -H signature: ok

    You can optionally specify quotes for headers:

    -H 'Authorization: ${token_type} ${access_token}' -H 'validity: 30000' -H 'signature: ok'

    For query parameters:

    ?token=${access_token}&validity=3000&signature=ok

  • Security Fields 1 - 4

    Enter the actual values for any parameters you used. To prevent detection, the values you enter are obfuscated.

    • Security Field 1 — Enter the value for the ${security_field_1} parameter.

    • Security Field 2 — Enter the value for the ${security_field_2} parameter.

    • Security Field 3 — Enter the value for the ${security_field_3} parameter.

    • Security Field 4 — Enter the value for the ${security_field_4} parameter.

API Key Based Authentication

See Configure the REST Adapter to Consume a REST API Protected with the API Key to learn more about this security policy.

  • API Key — Specify the generated API key used to identify the client making the request.

  • Confirm API Key — Reenter the API key.

  • API Key Usage — Specify the URI syntax for how to pass the API key to access a protected resource.

    To pass the API key as a query parameter at runtime to access the protected resource:

    ?key=${api-key}

    To pass the API key as a header at runtime to access the protected resource.

    -H Authorization: Bearer ${api_key}
    For example:
    -H Authorization: Bearer AASDFADADX

OAuth 1.0 One Legged Authentication

  • Consumer Key — Specify the key that identifies the client making the request.

  • Consumer Secret — Specify the consumer secret that authorizes the client making the request.

  • Confirm Consumer Secret — Specify the secret a second time.

  • Token — Specify the token that accesses protected resource.

  • Token Secret — Specify the token secret that generates the signature for the request.

  • Confirm Token Secret — Specify the secret a second time.

  • Realm — Specify the realm that identifies the account.

Note: The HMAC-SHA256 signature encryption algorithm is supported by default and cannot be changed. HMAC-SHA1 is not supported in Oracle Integration 3.

OCI Signature Version 1 Specify the values you created when satisfying the prerequisites for using this security policy. See Prerequisites for Creating a Connection.
  • Tenancy OCID — Specify the value you copied from the Oracle Cloud Infrastructure Console.
  • User OCID — Specify the value you copied from the Oracle Cloud Infrastructure Console.
  • Private Key — Click Upload to select the key you created. Ensure that the key is in RSA (PKCS1) format. If you need to convert to this format, see Convert a Private Key from PKCS8 to RSA (PKCS1) Format for the OCI Signature Version 1 Security Policy.
  • Finger Print — Enter the finger print that was generated when you created the key in the Oracle Cloud Infrastructure Console.
  • Pass Phrase — Enter the pass phrase you created when creating the key.
  • Confirm Pass Phrase — Enter the pass phrase a second time.

OAuth Client Credentials using JWT Client Assertion

Note: This policy is typically used to invoke application-driven APIs.

  • Access token URI — Enter the URL to which to send a request to obtain the access token. For example:
    https://accounts.google.com/o/oauth2/token
  • JWT headers in JSON format — Upload the JWT header file in JSON format.
  • JWT payload in JSON format — Upload the JWT payload file in JSON format.
  • JWT private key alias — Enter the JWT private key alias. This is the same alias you specified when uploading the signing key certificate on the Certificates page.
  • Scope — (Optional) Enter the scopes.
  • Access token request — (Optional) Enter the request to obtain the access token. The format you specify can vary by service provider. See Variations of JWT Usage by Service Providers.

OAuth using JWT User Assertion

Note:
  • Access token URI — Enter the URL to which to send a request to obtain the access token. For example:
    https://accounts.google.com/o/oauth2/token
  • JWT headers in JSON format — Upload the JWT header file in JSON format.
  • JWT payload in JSON format — Upload the JWT payload file in JSON format.
  • JWT private key alias — Enter the JWT private key alias. This is the same alias you specified when uploading the signing key certificate on the Certificates page.
  • Scope — (Optional) Enter the scopes.
  • Access token request — (Optional) Enter the request to obtain the access token. The format you specify can vary by service provider. See Variations of JWT Usage by Service Providers.

OCI Service Invocation

After selecting this security policy, you are not prompted to specify any values. Configuration is automatic. However, you must perform all prerequisites for configuration to succeed.

See RPST and OCI Service Invocation Security Policy Use.

No Security Policy

If you select this security policy, no additional fields are displayed.

Variations of JWT Usage by Service Providers

Service providers implement JWT assertions in different ways, including how to specify the scope value and an access token request value in the Scope and Access token request fields when configuring the OAuth Client Credentials using JWT Client Assertion or OAuth using JWT User Assertion security policy on the Connections page.

Service Provider Requires Provide Consent? Scope and Access token request Fields on Connections Page Reference Documentation
Okta No 
curl --location --request POST 'https://${yourOktaDomain}/oauth2/v1/token' \ 
   --header 'Accept: application/json' \ 
   --header 'Content-Type: application/x-www-form-urlencoded' \ 
   --data-urlencode 'grant_type=client_credentials' \ 
   --data-urlencode 'scope=okta.users.read' \ 
   --data-urlencode 'client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer' \ 
   --data-urlencode 'client_assertion=eyJhbGciOiJSU....tHQ6ggOnrG-ZFRSkZc8Pw'
 Implement OAuth for Okta with a service app
Okta Yes 
POST /token HTTP/1.1
Host: server.example.com
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&
  code=<id_token>&
  client_id=<client_id>
  client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&
  client_assertion=<client_assertion>
 JWT with private key
NHS no 
curl -x post -h "content-type:application/x-www-form-urlencoded" --data \
"grant_type=client_credentials\
&client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer\
&client_assertion=<your-signed-jwt>" \
https://api.service.nhs.uk/oauth2/token
 Application-restricted RESTful APIs - signed JWT authentication
NHS Yes 
curl --location --request POST 'https://api.service.nhs.uk/oauth2/token'\
--header 'Content-Type: application/x-www-form-urlencoded'\
--data-urlencode 'grant_type=urn:ietf:params:oauth:grant-type:token-exchange'\
--data-urlencode 'subject_token_type=urn:ietf:params:oauth:token-type:id_token'\
--data-urlencode 'client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer'\
--data-urlencode 'subject_token={NHS CIS2 ID token}\
--data-urlencode 'client_assertion={jwt token}

Step 4: Register your public key

User-restricted RESTful APIs - NHS login separate authentication and authorization
FHIR No 
POST https://fhir.epic.com/interconnect-fhir-oauth/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&client_assertion=<client_assertion>
 Using OAuth 2.0
FHIR Yes 
POST https://fhir.epic.com/interconnect-fhir-oauth/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=[assertion]&client_id=[client_id]
 Standalone Launch
Microsoft No 
POST /{tenant}/oauth2/v2.0/token HTTP/1.1
Host: login.microsoftonline.com Content-Type: application/x-www-form-urlencoded
scope=https://graph.microsoft.com/.default
&client_id=97e0a5b7-d745-40b6-94fe-5f77d35c6e05
&client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer
&client_assertion=<client_assertion>
&grant_type=client_credentials
 Microsoft identity platform and the OAuth 2.0 client credentials flow
Microsoft Yes 
POST /oauth2/v2.0/token HTTP/1.1 Host: login.microsoftonline.com/<tenant> Content-Type: 
application/x-www-form-urlencoded 
grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&
client_id=<client_id>&
client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&client_assertion=
<client_assertion> &assertion=<assertion>&requested_token_use=on_behalf_of 
&scope=https://graph.microsoft.com/user.read+offline_access
 Microsoft identity platform and OAuth 2.0 On-Behalf-Of flow
DocuSign Yes 
curl --data "grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&
assertion=YOUR_JSON_WEB_TOKEN" --request POST https://account-d.docusign.com/oauth/token
 How to get an access token with JWT Grant
Adobe No 
POST https://ims-na1.adobelogin.com/ims/exchange/jwt
client_id={api_key_value}&client_secret={client_secret_value}&jwt_token=
{base64_encoded_JWT}
 JWT (Service Account) Authentication
Oracle Identity Cloud Service No 
POST <hostname>/oauth2/v1/token
grant_type=client_credentials&client_assertion_type=urn:ietf:params:oauth:client-assertion-
type:jwt-bearer&client_assertion=<client_assertion>&scope=<scope>
 Client/User JWT Assertion in REST API for Oracle Identity Cloud Service.
Oracle Identity Cloud Service No 
grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=<user_assertion>&scope=
<scope>&client_assertion_type=urn:ietf:params:oauth:Aclient-assertion-type:jwt-bearer&
client_assertion=<client_assertion>
 Client/User JWT Assertion in REST API for Oracle Identity Cloud Service.

Configure the Endpoint Access Type

Configure access to your endpoint. Depending on the capabilities of the adapter you are configuring, options may appear to configure access to the public internet, to a private endpoint, or to an on-premises service hosted behind a fire wall.

Select the Endpoint Access Type

  1. Go to the Access type section.
  2. Select the option for accessing your endpoint.
    Option This Option Appears If Your Adapter Supports ...
    Public gateway Connections to endpoints using the public internet.
    Private endpoint Connections to endpoints using a private virtual cloud network (VCN).

    Note: To connect to private endpoints, you must complete prerequisite tasks in the Oracle Cloud Infrastructure Console. Failure to do so results in errors when testing the connection. See Connect to Private Resources in Provisioning and Administering Oracle Integration 3 and Troubleshoot Private Endpoints in Using Integrations in Oracle Integration 3.

    Connectivity agent

    Connections to on-premises endpoints through the connectivity agent.

    1. Click Associate agent group.

      The Associate agent group panel appears.

    2. Select the agent group, and click Use.

    To configure an agent group, you must download and install the on-premises connectivity agent. See Download and Run the Connectivity Agent Installer and About Creating Hybrid Integrations Using Oracle Integration in Using Integrations in Oracle Integration 3.

Ensure Private Endpoint Configuration is Successful

  • To connect to private endpoints, you must complete prerequisite tasks in the Oracle Cloud Infrastructure Console. Failure to do so results in errors when testing the connection. See Connect to Private Resources in Provisioning and Administering Oracle Integration 3.
  • When configuring an adapter on the Connections page to connect to endpoints using a private network, specify the fully-qualified domain name (FQDN) and not the IP address. If you enter an IP address, validation fails when you click Test.
  • IPSec tunneling and FastConnect are not supported for use with private endpoints.

Test the Connection

Test your connection to ensure that it's configured successfully.

  1. In the page title bar, click Test. What happens next depends on whether your adapter connection uses a Web Services Description Language (WSDL) file. Only some adapter connections use WSDLs.
    If Your Connection... Then...

    Doesn't use a WSDL

    The test starts automatically and validates the inputs you provided for the connection.

    Uses a WSDL

    A dialog prompts you to select the type of connection testing to perform:

    • Validate and Test: Performs a full validation of the WSDL, including processing of the imported schemas and WSDLs. Complete validation can take several minutes depending on the number of imported schemas and WSDLs. No requests are sent to the operations exposed in the WSDL.

    • Test: Connects to the WSDL URL and performs a syntax check on the WSDL. No requests are sent to the operations exposed in the WSDL.

  2. Wait for a message about the results of the connection test.
    • If the test was successful, then the connection is configured properly.
    • If the test failed, then edit the configuration details you entered. Check for typos and verify URLs and credentials. Continue to test until the connection is successful.
  3. When complete, click Save.