Oracle Cloud Infrastructure Documentation

Registering the Oracle AI Database Instance with a Microsoft Entra ID Tenancy

A user with Entra ID administrator privileges uses Microsoft Entra ID to register the Oracle AI Database instance with the Microsoft Entra ID tenancy.

  1. Log in to the Azure portal as an administrator who has Microsoft Entra ID privileges to register applications.
  2. In the Azure Active directory admin center page, from the left navigation bar, select Azure Active Directory.
  3. In the MS - App registrations page, select App registrations from the left navigation bar.
  4. Select New registration.
    The Register an application window appears.
  5. In the Register an application page, enter the following Oracle AI Database instance registration information:
    • In the Name field, enter a name for the Oracle AI Database instance connection (for example, Example Database).
    • Under Supported account types, select the account type that matches your use case.
      • Accounts in this organizational directory only (tenant_name only - Single tenant)
      • Accounts in any organizational directory (Any Entra ID directory - Multitenant)
      • Accounts in any organizational directory (Any Entra ID directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)
      • Personal Microsoft accounts only
  6. Bypass the Redirect URI (Optional) settings. You do not need to create a redirect URI because Entra ID does not need one for the database server.
  7. Click Register.
    After you click Register, Entra ID displays the app registration's Overview pane, which will show the Application (client) ID under Essentials. This value is a unique identifier for the application in the Microsoft identity platform. Note the term Application refers to the Oracle AI Database instance.
  8. Register a scope for the database app registration.
    A scope is a permission to access the database. Each database will need a scope so that clients can establish a trust with the database by requesting permission to use the database scope. This allows the database client to get access tokens for the database.
    1. In the left navigation bar, select Expose an API.
    2. Under Set the App ID URI, in the Application ID URI field, enter the app ID URI for the database connection using the following format, and then click Save:
      your_tenancy_url/application_(client)_id

      In this specification:

      • your_tenancy_url must include https as the prefix and the fully qualified domain name of your Entra ID tenancy.
      • application_(client)_id is the ID that was generated when you registered the Oracle AI Database instance with Entra ID. It is displayed in the Overview pane of the app registration.

      For example:

      https://sales_west.example.com/1aa11111-1a1z-1a11-1a1a-11aa11a1aa1a
    3. Select Add a scope and then enter the following settings:
After you complete these steps, you are ready to add one or more Azure app roles, and then perform the mappings of Oracle schemas and roles.