2.159 IDENTITY_PROVIDER_CONFIG

Use IDENTITY_PROVIDER_CONFIG to configure the database to use Microsoft Entra ID (previously called Microsoft Azure AD) as an external identity provider.

Property Description

Parameter type

String

Syntax

 
IDENTITY_PROVIDER_CONFIG =
'{ "application_id_uri" : "string",
   "tenant_id" : "string",
   "app_id" : "string" }'

Where:

  • The application_id_uri value is obtained from the registered application, to be mapped in the JWT "aud" (audience) claim. It must be domain qualified and start with "https://" to specify the OCI database to access.

  • The tenant_id value is obtained from the tenant configuration and is also available on the database application registration overview page.

  • The app_id value is obtained from the registered resource application and is also available on the database application registration overview page.

Default value

None

Modifiable

ALTER SYSTEM

Modifiable in a PDB

Yes

Basic

No

Oracle RAC

The same value must be used on all instances.

This parameter is effective only when the database is enabled to use Entra ID as an external identity provider, that is, when the IDENTITY_PROVIDER_TYPE initialization parameter is set to AZURE_AD. You must use this parameter to specify Entra ID configuration settings.

Example:

ALTER SYSTEM SET IDENTITY_PROVIDER_CONFIG =
  '{ "application_id_uri" : "https://example.com/pdb1",
     "tenant_id" : "111a1111-a11a-111a-111111111111a",
     "app_id" : "11aa1a1-aaaa-1111-1111-1111aa111111" }'
   SCOPE=BOTH;

Note:

Setting the value of this parameter is only one step in a series of steps for configuring the database to use Entra ID. Refer to Oracle AI Database Security Guide for the complete steps before you set this parameter.

Note:

For additional information about using this parameter with Oracle Autonomous AI Database, refer to "Use Microsoft Entra ID with Autonomous AI Database".

Note:

This parameter is not available to update directly for Oracle Autonomous AI Database Serverless.

Note:

This parameter is available in Oracle Database 19c, starting with version 19.16, and in Oracle AI Database 26ai. This parameter is not available in Oracle Database 21c.

See Also:

"IDENTITY_PROVIDER_TYPE"