1. Provisioning and Administering Oracle Integration 3
  2. Upgrade from Oracle Integration Generation 2 to Oracle Integration 3
  3. Prepare for the Upgrade to Oracle Integration 3
  4. Update Allowlists

Update Allowlists

Important:

If your organization uses allowlists, you must add the IP addresses and URLs to your allowlists before upgrade to prevent errors and to make sure Oracle Integration can access your applications.
  1. Get the new IP addresses:

    The new IP addresses appear on the Upgrade page approximately two weeks before your upgrade.

    1. In the navigation pane, click Settings, then Upgrade.
    2. Under Allowlist IP Addresses, note the following IP values:
      • OIC Design-time IPs: IP addresses for traffic entering into Oracle Integration 3 design time (the Oracle Integration 3 application).
      • OIC Runtime IP: IP address for traffic entering into your Oracle Integration 3 runtime applications.
      • OIC Outbound IP: IP address for traffic exiting Oracle Integration 3.
      • VB Inbound IP: IP address for traffic entering into Visual Builder.
      • VB Outbound IPs: IP addresses for traffic exiting Visual Builder.
      • Process Outbound IP: IP address for traffic exiting Process Automation.
    3. You also need the IDCS IP address. To find the IDCS IP address, use the following command, replacing IDCS_GUID with the Identity Service ID:

      nslookup IDCS_GUID.identity.oraclecloud.com

  2. Get the new URLs:
    • Runtime URL for Oracle Integration: This is the same as your existing Oracle Integration Generation 2 runtime URL.
    • Design-time URL for Oracle Integration 3: This is in the following format:

      https://design.integration.region.ocp.oraclecloud.com/?integrationInstance=query_parameter_repersenting_instance

    • Oracle Identity Cloud Service (IDCS) URL: This is the URL you use to sign into Oracle Integration.
  3. Update your allowlists according to your organization's procedures:

    For example, you may use the following types of allowlists with Oracle Integration.

    Type of allowlisting Next steps

    Restrict inbound traffic to an Oracle Integration instance

    None.

    Oracle migrates your existing access allowlists (also known as access control lists, or ACLs) as part of the upgrade.

    Allow traffic coming from your network into Oracle Integration

    Add the new ingress IP address for Oracle Integration to your internal firewall allowlist.

    Find the IP address on the Upgrade page two weeks prior to the upgrade.

    Allow outbound traffic from an Oracle Integration instance to your cloud systems

    For each service that Oracle Integration accesses, add the OIC Outbound IP address to their allowlist.

    Restrict inbound traffic to File Server

    None. Oracle updates these allowlists for you.

    Allow traffic from your connectivity agents into IDCS and Oracle Integration

    		 Configure connectivity from your connectivity agents to Oracle Identity Cloud Service (IDCS) and Oracle Integration. Add the following to the allowlists for the servers that host your connectivity agents:
    • The IDCS URL and IP address
    • The Oracle Integration design-time URL and IP address
    • The Oracle Integration runtime URL and IP addresses
    • The ingress IP address for Oracle Integration

    Caution:

    If you update allowlists before the upgrade, don't remove the IP addresses for Oracle Integration Generation 2 yet. You might experience errors. After the upgrade finishes, the Oracle Integration Generation 2 IP addresses are no longer assigned to you and you can remove them.

Next, plan to limit or pause your development work during the days leading up to the upgrade. See Limit Development Work Before the Upgrade.