Creating Global Connections

Global connections enable you to share data with external applications using extracts or to connect to Oracle Address, Email, and Phone Verification to verify addresses.

The following connection types are supported:

• Microsoft Azure Blob Storage: Send data to a Microsoft Azure Blob Storage file container.
• Oracle Address, Email, and Phone Verification: Verify addresses in requests by connecting to an external verification service.
• Oracle Cloud EPM: Send data to an Enterprise Performance Management inbox for use by a metadata import process.
• Oracle Cloud ERP: Send data to a Universal Content Management (UCM) document account for use by an File Based Data Import (FBDI) process.
• Oracle Object Storage: Serve as technology adapters for more general purpose external systems.

Use Cases

• Global connections to the Oracle Address, Email, and Phone Verification service enables you to verify addresses in requests. See Integrating with Oracle Address, Email, and Phone Verification Service.
• Global connections to Microsoft Azure Blob Storage can be used to transfer the output from extracts and extract packages to a Microsoft Azure Blob Storage file container.
• Global connections to Oracle Cloud ERP can be used to transfer data such as account combinations, mapping sets, and related value sets for import into Financials Cloud.
• Global connections to Oracle Cloud EPM can be used in the following ways:
  • Universal applications that manage the Account Reconciliation business process can use global connections to send profiles to the application inbox.
  • Universal applications that manage dimensions for the Profitability and Cost Management business process can use global connections to send metadata files to the profitinbox.
  • To send mapping files to a Data Management inbox

Note:

Global connections are not used for application imports and exports. Instead, the application connection information that you specify when registering the application is used.

You can restrict connection types so that they can be used only by specific applications in Oracle Fusion Cloud Enterprise Data Management. Global connections to Oracle Address, Email, and Phone Verification service apply to all applications.

Creating a Global Connection

Note:

You must be a Service Administrator in order to create global connections.

Considerations

• After you create a global connection, you can use it in an extract. You can use a global connection in multiple extracts, but each extract can use only one global connection.

  Note:

  You cannot use an Oracle Address, Email, and Phone verification connection type in an extract.
• You cannot change the connection type after you create a global connection.
• You can use global connections for extracts only. You cannot run a dimension export using a global connection.
• The parameters that you specify for a global connection are determined by the connection type.
• Global connections to Oracle Cloud EPM and Oracle Cloud ERP applications support basic and OAuth2 authentication. You must register an OAuth2 client for each global connection. See Using OAuth2 for Application and Global Connections.
• Global connections to Oracle Object Storage support basic authentication and API Signing Key authentication.
• Global connection to Oracle Address, Email, and Phone Verification supports OAuth2 authentication only.

To create a global connection:

1. From the Connections cluster, click Create.
2. Select the connection type:
   • Microsoft Azure Blob Storage
   • Oracle Address, Email, and Phone Verification

     Note:

     You can create only one global connection for Oracle Address, Email, and Phone Verification.
   • Oracle Cloud EPM
   • Oracle Cloud ERP
   • Oracle Object Storage
3. Enter a name and, optionally, a description for the connection, and then click Create.

   The global connection is displayed in the connection inspector.

4. Click Edit and specify the parameters for the connection. The parameters that you specify are dependent on the connection type:
   • Microsoft Azure Blob Storage parameters:

     Field	Description
     Location	The URL for the Microsoft Azure Blob Storage account. For example: https://myblobstorageaccount.blob.core.windows.net Note: The URL must contain the name of your Azure Blob Storage Account (myblobstorageaccount in the above example). This account must have the Storage Blob Data Contributor role assignment in Azure.
     Tenant ID	The Tenant ID for the application registration in the Microsoft Azure tenant.
     Client ID	The Application (client) ID of a service principal in the Microsoft Azure tenant.
     Client Secret	The Value of the Client Secret in the Microsoft Azure tenant.
     Default Container Name	The data storage Container to write data to in the Microsoft Azure tenant. The container must exist in the Azure tenant.
     Default Subfolder	Optional: The subfolder within the container to write data to in the Microsoft Azure tenant. Note: If the subfolder that you specify doesn't exist, it will be created when the extract or extract package is run to this connection. You can specify additional subfolders using the forward slash (/) character (for example, Application/Extract Data).

   • Oracle Address, Email, and Phone Verification parameters:

     Field	Description
     Location	The URL for the Oracle Address, Email, and Phone Verification server. For example: https://mydataservice-myidentitydomain.data.us2.oraclecloud.com Caution: If you are pasting the address from your browser, do not include the context (for example, /data/ui) in your URL.
     Client ID	The OAuth Client ID to use when connecting to the address verification service. Note: You must create OAuth client credentials for the Oracle Address, Email, and Phone Verification service. See How to Begin with Address, Email, and Phone Verification in Using Oracle Address, Email, and Phone Verification.
     Client Secret	The OAuth Client Secret to use when connecting to the address verification service.

   • Oracle Cloud EPM parameters:

     Field	Description
     Location	The URL for the EPM inbox. For example: https://acme-test-epmidm.epm.us-phoenix-1.ocs.oraclecloud.com Caution: If you are pasting the address from your browser, do not include the context (for example, /epmcloud) in your URL.
     Authentication Type	Select an option: Basic: Use the provided user credentials to authenticate. OAuth: Use OAuth2 IDs and tokens to authenticate. (Available for environments on Oracle Cloud Infrastructure (OCI) / Gen 2 architecture only.) Using OAuth2 for Application and Global Connections
     Default Folder (Optional)	Default folder to send extract files to in Cloud EPM environments: Planning, FreeForm, Financial Consolidation and Close, Enterprise Profitability and Cost Management default application inbox Data Management folder (for example, inbox/repository) Profitability and Cost Management inbox (for example, profitinbox)
     Basic Authentication Parameters:
     User Name/Password	Credentials required for basic authentication
     Identity Domain (Optional)	Identity domain to append in front of the user name when authorizing.
     OAuth Authentication Parameters:
     Client ID	Client ID for the client that you created for global connections.
     Access Token	Access token for the client that you created for global connections.
     Refresh Token	Refresh token for the client that you created for global connections.

   • Oracle Cloud ERP parameters:

     Field	Description
     Location	The URL for the EPM server. For example: https://erp.mycloud.com
     Authentication Type	Select an option: Basic: Use the provided user credentials to authenticate. OAuth: Use OAuth2 IDs and tokens to authenticate. (Available for environments on Oracle Cloud Infrastructure (OCI) / Gen 2 architecture only.) Using OAuth2 for Application and Global Connections
     Default Document Account	Folder to extract file to in Oracle Cloud ERP. For example, fin/generalLedger/import.
     Basic Authentication Parameters:
     User Name/Password	Credentials required for basic authentication
     Identity Domain (Optional)	Identity domain to append in front of the user name when authorizing.
     OAuth Authentication Parameters:
     IDCS Token URL	Provider authentication server. Used to exchange an authorization code for an access token.
     Client ID	Client ID for the client that you created for global connections.
     Scope	Provides a method to govern the amount of access that is granted to a JSON Web Token.
     Certificate Alias	The alias that you specified when you imported the certificate into Cloud ERP.
     Private Key Upload	Certificate file that you imported into Cloud ERP. Click Upload File Location to upload the file. The file must have a .PEM file extension.

   • Oracle Object Storage parameters:

     Field	Description
     Location	The Swift URL of the Oracle Object Storage Cloud bucket. The format of the URL is: https://swiftobjectstorage.region_identifier.oraclecloud.com/v1/namespace, where: host name (using the Swift API type), for example, swiftobjectstorage. region_identifier is the hosting Oracle Cloud Infrastructure (OCI), for example us-phoenix-1. See Regions and Availability Domains. namespace is the top-level container for all buckets and objects. Each Oracle Cloud Infrastructure tenant is assigned a unique system-generated and immutable Object Storage namespace name at account creation time. Tip: The Oracle Object store Swift URL should include the version and namespace. Do not include a trailing forward slash in the Location parameter.
     Authentication Type	Select the Basic or API Signing Key authentication method.
     Basic
     User Name/Password	Credentials required for authentication, as follows: Generate an Auth token (see To create an Auth token in Oracle Cloud Infrastructure Documentation). For User Name, enter the OCI user name that the Auth token was generated for. For Password, enter the generated Auth token. This parameter is case-sensitive.
     API Signing Key
     Tenancy OCID User OCID Public Key Fingerprint Private Key Upload	Credentials required for an API Signing Key, as follows: In the Oracle Cloud console, generate an API Signing Key. See How to Generate an API Signing Key in Oracle Cloud Infrastructure Developer Guide. From the console, download the private key and save it to your .oci directory, and then click Add. The parameters for the signing key are displayed in the console. Copy the following parameters from the console and paste them in Cloud EDM: In Tenancy OCID, paste the tenancy value from the console. In User OCID, paste the user value from the console. In Public Key Fingerprint, paste the fingerprint value from the console. In Private Key Upload, click Upload and upload the private key file that you downloaded in step b.
     Default Bucket (Optional) Note: This field is required to test your connection.	Container to store the extracted file within the namespace for the object storage. This parameter is case-sensitive.
     Default Subfolder (Optional)	Subfolder under the Default Bucket to write the extract file to. If the subfolder that you specify does not exist, it will be created. This parameter is case-sensitive.

5. (Optional): In Supported Applications, click Specified, and then select the applications that can use this global connection.
6. Click Test Connection to validate the connection details.

   Note:

   For Oracle Object Storage connections, you must enter a Default Bucket in order to test the connection.
7. Click Save.

   Note:

   All issues must be corrected in all connections before you can save the connections. If there are any missing required fields in the connection details of any connections, an indicator is displayed on that connection and an error is displayed that one or more connections has issues that must be fixed.

To delete a global connection, from the Actions column click , and then click Delete. You cannot delete a global connection that is being used by an extract. You cannot delete an Oracle Address, Email, and Phone Verification global connection if it is being used by an Address property.