Storing secrets in OCI Vault and leverage in Oracle Integration
Oracle Integration doesn’t allow us to store sensitive information securely such as passwords, secret keys, certificates, etc for API authentication, signing the data, etc.
Storing sensitive information into lookups, and variables, may pose a security risk.
To mitigate the security risk, OCI Vault service can be used to store sensitive information securely and use it whenever required.
What is OCI Vault
An OCI-managed service that lets you centrally manage the encryption keys that protect your data and the secret credentials that you use to securely access resources.
The following are the key components of OCI Vault:
Secrets in OCI Vault
Secrets are:
- Credentials such as passwords
- Certificates
- SSH keys
- Authentication tokens
Storing secrets in a vault provides greater security than you might achieve storing them elsewhere, such as in code or configuration files.
You can retrieve secrets from the Vault service when you need them to access resources or other services.
Integration use-case to use Vault Secret
- A third-party REST API requires an API Key in the header to authenticate the service.
- A certificate is required to sign the outgoing payload.
- A user-name password is required to call the REST API.
- A static OAuth token to authenticate any third-party service.
Pre-requisites to use the OCI Vault
- OCI Vault
- Master Key
- Tenancy OCID
- User OCID
- Private Key
- Fingerprint
We have captured all the necessary steps to show how to create Vault, create secret, and use it in integration in the following video. Please look at it end to end.
If you found this article valuable, we would greatly appreciate your support through likes, comments, and shares. Additionally, we invite you to subscribe to our YouTube channel for more insightful videos. Don’t miss out on our latest updates – be sure to click the subscribe button to stay informed about our newest content.
Further readings:
About the Salesforce REST Adapter
Leveraging Salesforce REST adapter to push accounts to Database
OData adapter in Oracle Integration-3
Place the file in ATP from BIP using OIC
