Thursday, October 23, 2025

#1097 - Controlling use of OIC Connections

Breaking Bad Connections 


As Lenin was wont to say - trust is good, control is better. So how does all of this relate to OIC connections? Well some customers don't want certain adapters to be used, e.g. the GMAIL adapter. Nothing against gmail, it's just a simple example to use. Also, what about connections based on the REST adapter, where are they pointing to?

If you need such, then read on; if not then you have my permission, to stop reading and do something more interesting! In this I create an integration that will invoke the OIC Factory api to get connection data. I will then check for use of "banned" adapters and then invoke a pl/sql function to check base urls.

Firstly, a BIG thanks to my esteemed colleague Matt B. for suggesting this requirement and for helping me develop it. 

To begin with, I create the following tables in ATP

create table invalid_connections(checkDate TIMESTAMP
not null, project varchar2(50) not null,
connectionType varchar2(20) not null,
connectionId varchar2(50) not null,
message varchar2(100) not null);

create table invalid_adapters(id varchar2(20) not null,
name varchar2(20) not null);

Insert into invalid_adapters values ('GMAIL', 'gmail');

create table invalid_baseUrls (connectionURL varchar2(50)
not null);
insert into INVALID_BASEURLS
values ('api.openweathermap.org');
commit;

Here is a sample project I will interrogate, note its connections -

Now to the OIC factory api, which I will use to check out my connections and make sure they adhere to the rules.    

I run this in postman -

Here are snippets from the response - 

{
            "adapterType": {
                "displayName": "Google Gmail",
                "links": [],
                "name": "gmail",
                "type": "PREINSTALLED"
            },
            "agentRequired": false,
            "agentSupported": false,
            "connectionProperties": [],
            "created": "2025-10-23T06:05:55.633+0000",
            "createdBy": "niall.commiskey@oracle.com",
            "description": "",
            "hasOverride": false,
            "id": "GMAIL",


another one - 

     {
      "displayName": "Connection URL",
      "hasAttachment": false,
      "hiddenFlag": false,
      "propertyGroup": "CONNECTION_PROPS",
      "propertyName": "connectionUrl",
      "propertyShortDesc": "Please make sure that this value really corresponds to the type selected above.",
      "propertyType": "URL",
      "propertyValue": "https://api.openweathermap.org/data/2.5/",
      "requiredFlag": true
                },

                { 

As you can see, I've all the data here.

I create a connection in the project for the factory api -

and then use this in an integration -

I take the response payload from postman, massage it a bit, to reduce size and then use it as the response.

As you can see, I then invoke ATP to check if the adapter is forbidden.

I am using the following field as input - 

I run the integration and check the activity stream - 

Now to the second check - this time I'm looking for "forbidden" urls, such as our weather example.

Now to checking the urls. Remember, in our little world, it is forbidden to invoke the following -

I create a PL/SQL function to check this for me, here's the code -









create or replace PACKAGE NIALLC.CONN_PKG AS
  FUNCTION f_check4InvalidURLS (in_project varchar2,
in_url varchar2,
in_connectionType varchar2,
in_connectionId varchar2) RETURN varchar2;

END CONN_PKG;



create or replace PACKAGE BODY NIALLC.CONN_PKG AS
 
  Function f_check4InvalidURLS (in_project varchar2,
in_url varchar2,
in_connectionType varchar2,
in_connectionId varchar2)
RETURN varchar2
IS
v_response varchar2(50) := 'VALID URL';
v_position NUMBER;
cursor c1 is
   SELECT connectionURL FROM invalid_baseurls;
BEGIN

   FOR invalidBaseurls_rec in c1
   LOOP
     v_position := INSTR(in_url,
invalidBaseurls_rec.connectionURL);
     IF v_position > 0 THEN
        v_response := 'INVALID URL';
        insert into INVALID_CONNECTIONS values (
                  sysdate,
                  in_project,
                  in_connectionType,
                  in_connectionId,
                  'URL ' || in_url || ' is not allowed');
        COMMIT;
     END IF;  
   END LOOP;


RETURN v_response;

END f_check4InvalidURLS;

END;

Simple enough!

I run the integration -

then check the DB table - 

The integration might seem somewhat complex, but, be assured, its not - 


Next step should be to check if these invalid connections are actually used in integrations. 

We can use the following api request - 

https://design.integration.us-phoenix-1.ocp.oraclecloud.com/ic/api/integration/v1/projects/yourProject/connections/yourConnectionID/usage?integrationInstance=yourOICInstance

Connection ID is the name you give the connection - 

I called the connection "Weather", the id defaults to the upper case version of this - "WEATHER"

The adapter type, in this case REST, surfaces in the adapterType section -

"adapterType": {
                "displayName": "Google Gmail",
                "links": [],
                "name": "gmail",
                "type": "PREINSTALLED  

This has been covered earlier, but just a quick recap.

Anyway, I execute the aforementioned api request in Postman - 

{
    "connectionUsage": [],
    "integrationUsage": [
        {
            "code": "WEATHERDEMO",
            "isLocked": false,
            "links": [
                {
                    "href": "https://...",
                    "rel": "self"
                }
            ],
            "name": "weatherDemo (1.0)",
            "projectId": "AA_PROJECT2",
            "status": "ACTIVATED",
            "version": "01.00.0000"
        }
    ],
    "links": [
        {
            "href": "https://...",
            "rel": "self"
        }
    ],
    "name": "Weather"
}

Here I see the integration ID, name, version, status etc.
Now we could consider augmenting our flow by deactivating the integration. 

Summa Summarum

Let's recap on what's been covered here -

1. create DB tables to list forbidden adapters and base urls

2. create DB table to protocol infringements

3. create a PLSQL package to validate base urls against the forbidden base urls table, protocolling any infringements.

4. create an integration that uses the OIC Factory api to retrieve connections in a project. 

4.1. use the ATP adapter to check for usages of forbidden adapters.

4.2. use the ATP adapter to invoke the PLSQL package, in order to validate base urls used in connections

4.3. check which integrations are using the "offending" connections. Protocol those integrations and, if they are ACTIVATED, do the necessary.

   




 


 




Sunday, October 19, 2025

#1096 - OIC 25.10 New Features - File Server System Events

Introduction

Don't forget to check out the official 25.10 blog posts here. Please continue, once you've digested!


This post focuses on the 25.10 enhancement for File Server Events. 

OIC Events allow us to easily implement pub/sub flows. You can define your own events e.g. new order event. You can publish such events e.g. an integration triggered by the Fusion ERP business Event, purchase order created, could then publish an OIC new order event. I then have "subscribing" integrations that subscribe to the new order event and do what needs to be done.

Recently we augmented OIC Events with system events, which now support OIC File Server. This makes it easy to implement scenarios such as immediate processing files on their arrival at OIC File Server.

OIC 25.10 File Server Events

OIC 25.10 now supports triggering integrations, based on the following File / Folder events -
  • File created
  • File deleted
  • File moved
  • File downloaded
  • Folder created
  • Folder deleted
  • Folder moved
Those in bold are new for 25.10.

Let's try this out - 

I now create an integration to respond to a file being moved - 

Note the ability to add a filter -

























I will filter on the folder. But first to the event data structure - 
this is what is received when subscribing to the file move event - 

"previousName":"dummy.txt","newName":"dummy.txt",
 "previousPath":"/root/niallcInbox","newPath":"/root/niallcOutbox",
 "previousExtension":"txt","newExtension":"txt",
 "action":"file_move","size":647757,"reference":"os:/root/niallcOutbox/dummy.txt@_@yourFileRef","source":"urn://fs/native","type":"file","time":"2025-09-30T07:23:29.727Z",
"metadata":[{"key":"createdBy","value":"AA_2510_NEW_FEATURES.MOVEFILE.XNHDf53OEfCfR0vvcaRmWw"}]}


So my filter expression will be as follows - 

{"type":"jq_filter","filter-def":".data.newPath==\"/root/niallcOutbox\" "}

I run an integration that moves the file - 

I check out my subscriber - 





 



 

#1095 - OIC 25.10 New Features - Observability

Introduction

Observability in OIC covers runtime and design time auditing/monitoring. With 25.10 we are adding some cool features. Let's look at them.

OIC 25.10 Observability

Viewing of activity stream is now being audited. Here I look at the activity stream for an integration flow -


I check out the audit trail in OIC Observability - 

I click on the Audit link -




#1094 - OIC 25.10 New Features - AI@OIC - DesignTime

Introduction

AI@DesignTime support was introduced to OIC a couple of releases ago. This includes integration generation from natural language -

It also includes the AI driven generation of integration descriptions -

as well as the generation of project descriptions -

From an AI@Runtime perspective, our 25.06 release included user friendly error messages. 

Check out my post here for a video deep-dive.

From a connectivity perspective, we shipped our OpenAI adapter. Check out my post here for details.

We also shipped the native actions for OCI AI Services - 

I've also created posts on the use of each of these, so do check them out, if you get the chance.

I realise this is a long introduction, but, net net, we already done a lot in this space. Let's now look at what's coming with 25.10.






OIC 25.10 AI@OIC - DesignTime

New Project Creation UI

The screenshot may not do justice, so let's look at this in some more detail -

I want to create a new project, so I can now begin by describing, in natural language, what the project should do. OIC then checks for any recipes or accelerators that meet your requirements -

You can, of course, proceed immediately to project creation - 

Comprehensive AI Driven Project Documentation

Note the new icon in the Projects page - 
This will give you detailed project information -

Here's what I in one of my projects - 

One click and you have comprehensive project documentation.

Also the ability to save as pdf - 

Integration designer - AI Assistant


Check out the new icon in the integration canvas - 

Just like with projects, here we have the AI driven capability to generate comprehensive documentation.





 





OIC 25.10 AI@OIC - Connectivity

This release includes an Anthropic adapter - 

Check out my blog post on how easy it is to leverage the Anthropic adapter. 

It also includes enhancements to the native actions for OCI AI Services. Check out those enhancements here

Summa Summarum

25.10 = lots of new features in this space and, believe me, there's more to come.