Azure AD Client Configuration and Access for Autonomous Database

After you configure Azure AD on your Autonomous Database and you map Azure AD users, there are numerous ways that a user can configure a client to the Autonomous Database instance using Azure AD tokens.

If you use a wallet for your client connection (mTLS), download the wallet from the Autonomous Database instance and then follow the directions for configuring it for use with your client.

Confirm that DN matching is enabled by looking for SSL_SERVER_DN_MATCH=ON in sqlnet.ora. Partial or full DN matching is required when sending a token from the database client to Autonomous Database.

Note

If Autonomous Database is using a private endpoint, you need to specify a host value for the connect string parameter. Using an IP address for the host parameter in the connect string will not work with DN matching and the Azure AD token will not be sent to the database.

See Private Endpoints Configuration Examples on Autonomous Database for configuration information on how to set the host parameter when using a private endpoint.

See Configuring Azure AD Client Connections to the Oracle Database for more information.