Enable Azure AD Authentication on Autonomous Database
An Azure AD administrator and an Autonomous Database administrator perform steps to configure Azure AD authentication on Autonomous Database.
- Registering the Oracle Database Instance with a Microsoft Entra ID Tenancy
  A user with Entra ID administrator privileges uses Microsoft Entra ID to register the Oracle Database instance with the Microsoft Entra ID tenancy.
- Enabling Microsoft Entra ID v2 Access Tokens
  Oracle Database supports integration with the v1 and v2 Azure AD OAuth2 access token.
- Managing App Roles in Microsoft Entra ID
  In Entra ID, you can create and manage app roles that will be assigned to Azure users and groups and also be mapped to Oracle Database global schemas and roles.
- Configuring Azure AD as an External Identity Provider for Autonomous Database
  An Autonomous Database administrator can enable Azure AD as an external identity provider on an Autonomous Database instance.
Enabling Microsoft Entra ID v2 Access Tokens
Oracle Database supports integration with the v1 and v2 Azure AD OAuth2 access token.
OAuth2 access token, the credential flow continues to work as it did before without any changes. However, the upn: claim must be added when you use v2 tokens with the interactive flow.
- Check the version of the Entra ID access token that you are using.
- Log in to the Microsoft Entra ID portal.
- Search for and select Entra ID.
- Under Manage, select App registrations.
- Choose the application for which you want to configure optional claims based on your scenario and desired outcome.
- Under Manage, select Token configuration.
- Click Add optional claim and select upn.
aud: claim only reflects the APP ID value. You do not need to set the https:domain prefix to the APP ID URI when v2 tokens are being used. This simplifies the configuration for the database because the default APP ID URI can be used.
Checking the Entra ID Access Token Version
You can check the version of the Entra ID access token that your site uses by using the JSON Web Tokens web site.
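The same check can be done locally by decoding the token payload. The Python below is an added example, not Oracle's or Microsoft's code: it reads the ver, aud and upn claims discussed on this page, and the sample tokens, app ID and function names are constructed for illustration (the ver values "1.0" and "2.0" are the ones Entra ID places in its access tokens).

```python
import base64
import json

SAMPLE_APP_ID = "00000000-0000-0000-0000-000000000000"  # constructed placeholder


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url with padding stripped; restore it first.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token for the demo (not a real Entra ID token)."""
    def enc(obj) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sample-signature"


def inspect_entra_token(token: str) -> dict:
    """Report ver, aud and upn from a token payload. Inspection only: no signature check."""
    parts = token.strip().split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    try:
        claims = json.loads(_b64url_decode(parts[1]))
    except ValueError as exc:  # covers bad base64, bad UTF-8 and bad JSON
        raise ValueError("payload is not base64url-encoded JSON") from exc
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    findings = []
    if claims.get("ver") == "2.0" and "upn" not in claims:
        findings.append("v2 token has no upn claim; the interactive flow needs it")
    return {"ver": claims.get("ver"), "aud": claims.get("aud"),
            "has_upn": "upn" in claims, "findings": findings}


if __name__ == "__main__":
    samples = {  # constructed claim sets, one per case described on this page
        "v1": {"ver": "1.0", "aud": "https://db.example.com/" + SAMPLE_APP_ID},
        "v2 without upn": {"ver": "2.0", "aud": SAMPLE_APP_ID},
        "v2 with upn": {"ver": "2.0", "aud": SAMPLE_APP_ID, "upn": "user@example.com"},
    }
    for name, claims in samples.items():
        print(name, inspect_entra_token(make_sample_token(claims)))
```

A v2 token obtained through the credential flow will also show the missing-upn finding; per this page that flow works without the claim, so the finding matters only for the interactive flow.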
Configuring Azure AD as an External Identity Provider for Autonomous Database
An Autonomous Database administrator can enable Azure AD as an external identity provider on an Autonomous Database instance.
To enable Azure AD as an external identity provider: