Oracle Agriculture Intelligence Administrator Guide - Deployment Guide

Understanding the Oracle Cloud Infrastructure (OCI) Deployment Model

Oracle Agriculture Intelligence is delivered as a managed SaaS solution on OCI. Oracle handles infrastructure, system reliability, data processing pipelines, scaling, and continuous updates, allowing administrators to focus on configuration, governance, and user access rather than deployment engineering. The platform is designed to integrate smoothly into existing government IT environments while maintaining the security and performance guarantees of OCI.

Administrators interact primarily with Oracle Cloud Infrastructure (OCI), using the OCI Console to configure identity, access control, and integration settings. Because the service is fully managed, administrators do not provision compute resources, maintain servers, or perform system patching.

This approach reduces operational burden and allows administrators to focus on governance, user access, and alignment with organizational IT policies.

1. Provisioning the Service

Once a ministry or agency subscribes to Oracle Agriculture Intelligence, Oracle provisions two OCI tenancies:

Administrators access the customer tenancy through the OCI Console to configure users, groups, and identity federation.

After provisioning, administrators sign in to the OCI Console to begin configuring identity and access. At this stage, administrators validate that authentication is working correctly and that users can successfully access the application. System-level components do not require configuration, as Oracle manages the underlying architecture.

Configuring Multiple Environments

Oracle Agriculture Intelligence includes multiple environments, such as a testing environment for validating new configurations and a production environment for daily operational use.

These environments mirror each other in structure, but they may not always reflect identical data conditions, since satellite processing and forecasting pipelines run continuously. Administrators should treat test environments as places to validate settings, not as replicas of production data.

Access to different environments is typically controlled through separate endpoints and IAM configurations defined in OCI.

Network and Access Requirements

Administrators may need to allow access to Oracle Cloud Infrastructure (OCI) service endpoints to access the application. Because Oracle Agriculture Intelligence is a SaaS service, access typically occurs over secure HTTPS connections. In environments using single sign-on or identity federation, administrators may also need to coordinate with internal identity management teams to confirm that authentication flows are properly configured.

If the agency uses IP allowlists or strict network segmentation, administrators may need to include Oracle endpoints to ensure uninterrupted access. These configurations depend on internal IT policies and may vary across ministries or agencies.

2. Loading data and fine-tuning models

Initial configuration of Oracle Agriculture Intelligence includes loading local datasets and fine-tuning AI models. This process is conducted in collaboration with Oracle’s Data Science team rather than directly through OCI administrative interfaces.

This process begins with a data-sharing agreement and the establishment of a regular working cadence between your project’s data leads and Oracle’s Data Science team. Together, you will determine which crops to target first and define a plan for sharing locally sourced ground-truth data. This ground-truth data is essential for properly tuning the crop detection models and ensuring accuracy across regions and seasons.

Additional government datasets, such as administrative boundaries, soil maps, and other environmental layers, accelerate the creation of the national digital twin that powers crop monitoring, production forecasting, and risk identification. Oracle’s Data Science team will guide you through the full list of required datasets and the preferred formats for each.

3. Configuring your Identity Provider

Identity configuration is performed in Oracle Cloud Infrastructure Identity and Access Management (OCI IAM). Administrators use the OCI Console to define users, groups, and authentication methods.

Learn more….

Federating Identity from Your Identity Provider(s)

Most organizations prefer to integrate OCI IAM with an existing corporate directory. Federating your identity provider avoids maintaining separate identity repositories and keeps access management centralized. With federation enabled, users continue signing in with their existing enterprise credentials, while OCI IAM relies on those identities for authentication and authorization.

OCI IAM supports SAML-based federation and just-in-time provisioning. This means user accounts are automatically created or updated the first time a federated user signs in, eliminating manual provisioning steps.

Learn more…

4. Defining User Roles

After configuring identity, administrators define access by mapping OCI IAM groups to Oracle Agriculture Intelligence application roles (Administrator, Contributor, Viewer).

The recommended approach is to use just-in-time provisioning with group mapping. Administrators map groups from the identity provider to OCI IAM groups and associate those groups with application roles. When a user signs in, IAM automatically assigns the appropriate access based on their group membership.

5. Verifying Successful Deployment

Once the system is provisioned and configured, administrators should perform a quick validation to ensure the service is ready for daily use. This typically includes confirming that users can log in, that map layers and insights are loading correctly, and that forecasting and crop monitoring features are displaying current data.

A deployment is considered fully operational when:

This validation ensures that analysts, agronomists, and policymakers can begin using the platform without interruption.