SDK and CLI Configuration File
Oracle Cloud Infrastructure SDKs and CLI require basic configuration information, like user credentials and tenancy OCID. You can provide this information by:
- Using a configuration file
- Declaring a configuration at runtime
You can use the Console to help generate a configuration file. For more information, see Generating an API Signing Key (Console).
The SDKs fully support both options. Refer to the documentation for each SDK for information about the config object and any exceptions when using a configuration file:
- Oracle Cloud Infrastructure SDK for Java Configuration
- Oracle Cloud Infrastructure SDK for Python Configuration
- Oracle Cloud Infrastructure SDK for Ruby Configuration
- Oracle Cloud Infrastructure SDK for Go Configuration
- Oracle Cloud Infrastructure SDK for TypeScript and JavaScript Configuration
- Oracle Cloud Infrastructure SDK for .NET Configuration
The CLI requires a configuration file, but also allows you to set environment variables to provide certain information. See CLI Environment Variables for more information.
File Name and Location
The default configuration file name and location is ~/.oci/config
.
On Windows, you can use PowerShell to create the folder with the following command:
mkdir %HOMEDRIVE%%HOMEPATH%\.oci
. File Explorer does not
support creating folder names that start with a period. File Entries
The following table lists the basic entries that are required for the configuration file, as well as where to get the required information.
Entry | Description and Where to Get the Value | Required? |
---|---|---|
user
|
OCID of the user calling the API. To get the value, see Required Keys and OCIDs. Example: |
Yes |
fingerprint
|
Fingerprint for the public key that was added to this user. To get the value, see Required Keys and OCIDs. |
Yes |
key_file
|
Full path and filename of the private key. Important: The key pair must be in PEM format. For instructions on generating a key pair in PEM format, see Required Keys and OCIDs. Example (Linux/Mac OS): Example (Windows): This corresponds to the file
|
Yes |
pass_phrase
|
Passphrase used for the key, if it is encrypted. Caution: This entry is deprecated, and is included for backward compatibility only. Avoid saving confidential information in the configuration file. For additional security, pass the passphrase to the SDK/CLI at run time. |
Yes, if key is encrypted and passphrase has not been configured to be passed to at runtime |
tenancy
|
OCID of your tenancy. To get the value, see Required Keys and OCIDs. Example: |
Yes |
region
|
An Oracle Cloud Infrastructure region. See Regions and Availability Domains. Example: |
Yes |
security_token_file
|
If session token authentication is being used, then this parameter is required. Using this authentication method makes fingerprint, user, and pass_phrase not required. Starting a session with the OCI CLI will populate all of the required parameters for this authentication method. See Starting a Token-based CLI Session. |
Conditional |
Custom Values
Some Oracle Cloud Infrastructure SDKs support defining custom values in the configuration file. Refer to the documentation for each SDK for more information.
Profiles and Inheritance
You can create multiple profiles with different values for these entries, then you can specify which profile to load.
Some Oracle Cloud Infrastructure SDKs require a DEFAULT profile and support profile inheritance. This means that any value that isn't explicitly defined for a given profile is inherited from the DEFAULT profile. Refer to the documentation for each SDK for more information.
Example Configuration
The following example (for Linux and Mac OS) shows key values in a configuration file and how to set profiles for a SDK that supports profile inheritance.
[DEFAULT]
user=ocid1.user.oc1..<unique_ID>
fingerprint=<your_fingerprint>
key_file=~/.oci/oci_api_key.pem
tenancy=ocid1.tenancy.oc1..<unique_ID>
region=us-ashburn-1
[ADMIN_USER]
user=ocid1.user.oc1..<unique_ID>
fingerprint=<your_fingerprint>
key_file=keys/admin_key.pem
pass_phrase=<your_passphrase>
[DEFAULT]
user=ocid1.user.oc1..<unique_ID>
fingerprint=<your_fingerprint>
key_file=%HOMEPATH%\.oci\oci_api_key.pem
tenancy=ocid1.tenancy.oc1..<unique_ID>
region=us-ashburn-1
[ADMIN_USER]
user=ocid1.user.oc1..<unique_ID>
fingerprint=<your_fingerprint>
key_file=keys\admin_key.pem
pass_phrase=<your_passphrase>