Learn About Users and Resources

To understand access control, familiarize yourself with the resources that can require permissions, and the people and resources who require those permissions.

Big Picture: Resources, Managers, and Users

Before you dive into the details, review all the resources that require protection, the people who are responsible for protecting them, and the people and resources that access them.

A diagram identifies the key resources for Oracle Integration, the people who manage who and what can use them, and the people and resources that use them. (1) The Oracle Integration instance user interface: Managed by Oracle Cloud Infrastructure tenant and domain administrators, and used by instance users. (2) The Oracle Integration instance APIs: Managed by Oracle Cloud Infrastructure tenant and domain administrators, and used by instance users and client systems. (3) Projects: Managed by instance users with the ServiceDeveloper role, and used by instance users. (4) File Server: Managed by instance users with the ServiceAdministrator role, and used by instance users and client systems. (5) Target systems: Managed by Oracle Cloud Infrastructure tenant and domain administrators and instance users with the ServiceDeveloper role, and used by connections. (6) Oracle Cloud Infrastructure lifecycle operations for the Oracle Integration instance: Managed by the Oracle Cloud Infrastructure tenant and domain administrator, and used by Oracle Cloud Infrastructure instance administrators.

Resources

Familiarize yourself with all of the resources that your organization is responsible for protecting.

The following resources appear: The Oracle Integration instance user interface, the Oracle Integration instance APIs, projects, File Server, target systems, and Oracle Cloud Infrastructure lifecycle operations for the Oracle Integration instance

Resource Description
Oracle Integration instance user interface

The Oracle Integration instance user interface is the service instance where Oracle Integration users sign in and then design, deploy, and monitor integrations.

Users have two ways to access an Oracle Integration instance: its user interface and its APIs.

Oracle Integration instance APIs

The Oracle Integration instance APIs include the following types of APIs:

Note: The APIs for provisioning and administering an Oracle Integration instance are separate from the Oracle Integration APIs. The provisioning and administering APIs are part of the OCI (Oracle Cloud Infrastructure) lifecycle operations for the Oracle Integration instance entry in this table.

Users have two ways to access an Oracle Integration instance: its user interface and its APIs.

Projects

Projects are components within an Oracle Integration instance.

Instance users work in projects, which provide a single workspace for designing, managing, and monitoring integrations. See Design, Manage, and Monitor Integrations in Projects in Using Integrations in Oracle Integration 3.

File Server repository

File Server is an SFTP-compliant repository that is connected to an Oracle Integration instance.

Use File Server for storing and retrieving files, and access it using its APIs or an SFTP client. People and integrations can access File Server. See About File Server in Using File Server in Oracle Integration 3.

Target systems

A target system is an application or service that an integration connects to and then completes a task in. An integration must be able to access target systems so that it can run as expected.

Target systems can be Oracle services, third-party services, or applications that your organization has developed.

Oracle Cloud Infrastructure lifecycle operations for the Oracle Integration instance

You perform Oracle Cloud Infrastructure (OCI) lifecycle operations for the Oracle Integration instance using the Oracle Cloud Infrastructure Console. You have the following options for accessing the Oracle Cloud Infrastructure Console:

  • User interface

    The lifecycle operations that you can perform in the user interface are documented in a separate guide. See Create and Edit Oracle Integration 3 Instances in Provisioning and Administering Oracle Integration 3.

  • Oracle Cloud Infrastructure lifecycle API

    The Oracle Cloud Infrastructure APIs include endpoints for every Oracle Cloud Infrastructure service that is accessible from the Oracle Cloud Infrastructure Console.

    • To see a list of all the included APIs, see API Reference and Endpoints in the Oracle Cloud Infrastructure Documentation.

    • To see only the Oracle Integration lifecycle APIs, which allow you to manage the lifecycle of an Oracle Integration instance, see Oracle Integration API.

  • Oracle Cloud Infrastructure lifecycle CLI

    See Oracle Integration CLI.

Managers of the Resources

At most organizations, several or many people are responsible for managing users' access to resources. These individuals typically use this guide to learn how to protect their organization's resources and data.

Note:

People often have several job functions. For instance, some instance users are also OCI (Oracle Cloud Infrastructure) instance administrators.
Job function Description Works in the Oracle Cloud Infrastructure Console through the user interface, APIs, or CLI Works in the Oracle Integration instance through the user interface or built-in APIs

Oracle Cloud Infrastructure tenant and domain administrator

The highest-level administrator for Oracle services is responsible for managing all services in your organization's Oracle Cloud Infrastructure tenancy. Responsibilities include the following:

  • Creating a compartment to hold one or more Oracle Integration instances for your organization.

  • Administering the users, groups, and policies that dictate the security posture of the tenancy.

  • Granting permissions to OCI instance administrators so that they can manage the Oracle Integration instances in the compartment.

  • Creating Oracle Integration users in the identity and access management tool.

  • Assigning service roles to other Oracle Integration users so that they have the appropriate access to do their jobs.

Yes

No

Oracle Cloud Infrastructure instance administrators

This administrator manages the lifecycle of one or more Oracle Integration instances, including performing the following tasks:

  • Creating and configuring one or more Oracle Integration instances.

  • Managing the lifecycle of each Oracle Integration instance.

  • Adding access control lists, configuring custom endpoints, and setting up the transfer of data to Oracle Cloud Infrastructure Logging.

Yes

No

Instance users

Instance users with one or more of the following service roles:

  • ServiceAdministrator

  • ServiceDeveloper

  • ServiceMonitor

  • ServiceDeployer

  • ServiceUser

  • ServiceInvoker

  • ServiceViewer

Users' service roles determine their access. Granular service roles are available. See Oracle Integration Service Roles in Provisioning and Administering Oracle Integration 3.

Instance users have different responsibilities, depending on their roles. For example, they might be responsible for some or all of the following tasks:

  • Managing and administering the features provisioned in an Oracle Integration instance.

  • Designing integrations.

  • Controlling the people who can edit, view, and monitor the resources in a project.

  • Configuring the security of a connection that an integration uses to connect to an application.

  • Monitoring integrations.

  • Viewing information about integrations and other components.

No

Yes

Users of the Resources

People and resources require permissions to access Oracle Integration and its related resources. In many cases, the people who manage access to Oracle Integration often also require access to Oracle Integration.

User or resource Description

Oracle Cloud Infrastructure instance administrators

For details about Oracle Cloud Infrastructure (OCI) administrators, see Managers of the Resources.

Instance users

See Managers of the Resources.

Client systems

An application that calls an integration in an Oracle Integration instance using a connection.

Connections

The method that an Oracle Integration instance uses to connect to an application. Every connection is based on an adapter.

For more information, see About Connections in Using Integrations in Oracle Integration 3.