Oracle Cloud Infrastructure Documentation

Creating an Identity

When you create an identity, it creates a new credential in the target database associated with the connection. You can create multiple identities for a connection. However, you can create an identity only for a connection with runtime identity as resource principal.

Prerequisites

Before creating an identity, ensure that you complete the following tasks.

  • Create a connection with the runtime identity as resource principal. See Resource Principal.

  • Grant execute privileges on the DBMS_CLOUD package for the user and the schema specified in the associated Database Tools connection. Each identity is associated with a Database Tools connection, which has a schema and user. For identity to work properly, you must grant the required privileges on the DBMS_CLOUD package to this user or schema. 

    grant execute on DBMS_CLOUD to <user>

Additionally, ensure that you complete the following tasks for Oracle Base Database Service. You don't have to perform these tasks for Autonomous Database instances as OCI manages the configuration.

  • Install and configure the DBMS_CLOUD package on the target database. Oracle Cloud Infrastructure uses the DBMS_CLOUD package to manage and update the credential that you create in the target database. See Installing DBMS_CLOUD.
  • Create the required networking rules to enable communication between the target database and OCI using HTTPS.
  • Install the required certificates and wallet to access the target database.
To create an identity:
  1. Open the navigation menu and select Developer Services.
  2. In the Database Tools section, select Connections.
  3. Click the name of the connection that you are interested in.
    Identity is available only for a connection that uses resource principal.
  4. On the connection details page, select the Identities tab.
  5. Click Create Identity.
  6. Enter the following information.
    • Name: Enter a unique and descriptive name for the identity. The username must be between 1 and 255 ASCII characters in length.
    • Compartment: The compartment where you want to create the identity, if different from the compartment you're currently working in.
    • Credential Key: Enter a unique name for the credential, preferably in upper case. Conform to the Oracle Database object naming rules, which do not allow spaces or hyphens. Oracle does not recommend using quoted identifiers, although it is supported. Oracle Cloud Infrastructure creates a credential with the name you specify in the target database.
    • Advanced options: Optional. You can apply tags to your resources to help you organize them according to your business needs. You can apply tags at the time you create a resource, or you can update the resource later with tags. For general information about applying tags, see Resource Tags.
  7. Click Create.
    The identity is initially in the Creating state. After some time, the state of the identity changes to Active when the identity is ready.

An identity is created and it creates a new credential, with the specified name, in the target database associated with the connection.

Next, validate that the identity works. See Validating an Identity.