7.6.3 Add User to the Host ACL

For model providers like OpenAI, add users to the host ACL (Access Control List).

Note:

Host ACL entry is not required for OCI GenAI.
The following procedure grants the privilege to use the api.openai.com endpoint.

Note:

This procedure is not applicable to OCI Generative AI. 
BEGIN
    DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE(
         host => 'api.openai.com',
         ace  => xs$ace_type(privilege_list => xs$name_list('http'),
                             principal_name => 'OMLUSER',
                             principal_type => xs_acl.ptype_db)
   );
END;
The parameters are:

  • host: The host, which can be the name or the IP address of the host. You can use a wildcard to specify a domain or an IP subnet. The host or domain name is not case sensitive.

    AI Provider Host

    OpenAI

    api.openai.com

    OpenAI-compatible providers

    For example, for Fireworks AI, use api.fireworks.ai

    Cohere

    api.cohere.ai

    Azure OpenAI Service

    <azure_resource_name>.openai.azure.com

    See Profile Attributes to know more about azure_resource_name.

    Google

    generativelanguage.googleapis.com

    Anthropic

    api.anthropic.com

    Hugging Face

    api-inference.huggingface.co

    AWS

    bedrock-runtime.us-east-1.amazonaws.com

  • ace: The access control entries (ACE). The XS$ACE_TYPE type is provided to construct each ACE entry for the ACL. For more details, see Creating ACLs and ACEs .

Parent topic: Prerequisites to use Data Science Agent