Prerequisites
To use the Oracle Cloud Infrastructure AI services such as OCI Document Understanding, OCI Generative AI, OCI Generative AI Agents RAG, OCI Language, OCI Speech, and OCI Vision in an integration, you must satisfy the following prerequisites in the Oracle Cloud Infrastructure Console.
- Ensure that your cloud tenancy uses identity domains.
-
Create a dynamic group and a policy to grant access to the specific OCI AI service that you want to use (such as OCI Document Understanding, OCI Generative AI, OCI Generative AI Agents RAG, OCI Language, OCI Speech, or OCI Vision).
Create the required dynamic group and assign a policy to that group to allow your Oracle Integration instance to access the specific OCI AI service that you want to use. The policy defines the permissions for the dynamic group and determines which operations the dynamic group can perform on the OCI AI service.
- Log in to the Oracle Cloud Infrastructure Console.
- Obtain the client ID of the OAuth application for the Oracle Integration instance.
- In the upper right corner, select Profile, then click the identity domain.
- In the menu bar, click Oracle Cloud Services.
The Oracle Cloud Services page for your domain appears.
- In the Name column, click your service instance.
- Click OAuth configuration.
- Scroll down to the General Information section and copy the client ID value to use to create your dynamic group.
- Scroll to the top and click
Oracle cloud services to
return to the main page for the identity domain.
- In the menu bar, click Dynamic groups.
- Click Create dynamic group.
- Enter the following details:
- In the Name and Description fields, enter values. These fields are required.
- In the Matching rules section, enter the required rule. The resource ID you specify must match the client ID of the OAuth application of your Oracle Integration instance. Ensure that you enclose the value in single quotes. For example:
resource.id = 'client_ID'
- Click Create.
- In the left navigation pane, click Policies.
- Click Create Policy.
- Select the compartment in which to create the policy.
- Complete the following details and click Create.
- In the Name and Description fields, enter values. These fields are required.
- In the Policy Builder section, build the required policy for the dynamic group:
OCI AI service Policy OCI Document Understanding allow dynamic-group dynamic_group to manage ai-service-document-family in compartment compartment_name
OCI Generative AI allow dynamic-group <dynamic-group_name> to manage generative-ai-family in compartment <compartment-name>
OCI Generative AI Agents RAG allow dynamic-group <dynamic-group_name> to manage object-family in compartment <compartment-name>
allow dynamic-group <dynamic-group_name> to manage genai-agent-family in tenancy
OCI Language allow dynamic-group <dynamic-group_name> to manage ai-service-language-family in compartment <compartment-name>
OCI Speech allow dynamic-group <dynamic-group_name> to manage ai-service-speech-family in compartment <compartment-name>
OCI Vision allow dynamic-group dynamic_group to manage ai-service-vision-family in compartment compartment_name
Where:dynamic_group
ordynamic-group_name
: Is the dynamic group name you specified in Step 6.compartment_name
orcompartment-name
: Is the compartment in which your Oracle Integration instance is located.
This enables the Oracle Integration instance associated with the dynamic group to call the specific OCI AI service that you want to use in this particular compartment.
See About Document Understanding Policies, About Vision Policies, and About Speech Policies.