OIC - Delete file from OCI Object storage bucket using rest connection

Business requirement:

In Oracle Integration Cloud (OIC), there is a need to automate the deletion of files from an OCI Object Storage bucket. This is required when files are no longer needed or after successful processing, ensuring optimized storage usage and compliance with data retention policies

Rest API endpoint for deleting an object in the object storage bucket:

DELETE https://objectstorage.<region>.oraclecloud.com/n/<namespace>/b/<bucket-name>/o/<file-name>

Detailed screenshots:

Object storage rest connection:

Adapter configuration

Map bucket name, namespace and object name

OIC - Automating SFTP File Listing in OIC Based on Dynamic Date Filters and Adhoc Runs for past date files

Use Case:

In Oracle Integration Cloud (OIC), we need to list files from an source SFTP server based on a specific filename pattern and a date in the format YYYYMMDD. This date should be passed as a parameter to support both:

1. Scheduled Runs – Using the current date dynamically.
2. Ad-hoc or Past Date Processing – Allowing users to specify any past date manually.

This flexibility ensures that integrations can process files efficiently, whether through automated schedules or on-demand executions.

Date validation condition:

 (((FileProcessingDate = 'YYYYMMDD') or (FileProcessingDate = '')) or (FileProcessingDate = format-dateTime(concat(substring(FileProcessingDate, 1, 4), '-', substring(FileProcessingDate, 5, 2), '-', substring(FileProcessingDate, 7, 2)), '[Y0001][M01][D01]')))

File pattern population logic:

When processingdate != 'YYYYMMDD' and  processingdate != ''

replace(lookupValue("Common_CCS_Interface_SFTP_Lookup", "IntegrationId", Var_InterfaceId, "SourceFileName", "CTFCLPMC*"), "YYYYMMDD", FileProcessingDate)

Otherwise:

replace(lookupValue("Common_CCS_Interface_SFTP_Lookup", "IntegrationId", Var_InterfaceId, "SourceFileName", "CTFCLPMC*"), "YYYYMMDD", format-dateTime(current-dateTime(), "[Y0001][M01][D01]"))

Solution Steps:

1. Create a Scheduled Orchestration integration pattern to enable both scheduled and manual triggers.
2. Define a schedule parameter fileprocesingDate (YYYYMMDD format) to accept the date dynamically.
3. Validation: add a throw new fault and put the skip condition, if invalid date, it will throw error. Skip conditions:
1. Procrssing date is YYYYMMDD 
2. Processing date is empty
3. File processing is in YYYYMMDD format. 
4. Configure the sftp adapter and choose list files operations and put the following branching to populate the right file name pattern.
1. When processingdate is not YYYYMMDD and not empty, take file name part and current date from the schedule parameter for adhoc run.
2. Otherwise, take the name and current date for automatic processing.
5. Take the list of files and process one by one using a for each loop
6. If no files found, send a notication or log an appropriate message.

Testing & Deployment

• Test with multiple scenarios:
  • Scheduled execution with the current date.
  • Manual execution with a specific past date.
  • Scenarios where no matching files exist.
• Deploy the integration and configure scheduling as per business needs.

Detailed screenshots:

OIC - Solution for 404 Not Found Error When Calling a Local Integration dynamically in OIC project

Issue: A 404 Not Found error occurs when dynamically calling a local integration within a project in OIC.

Error details:

CloudInvocationException (Fault Details:

 <n30:type/>

<n30:APIInvocationError xmlns:n30="http://xmlns.oracle.com/cloud/generic/rest/fault/collocatedics/LocalIntegration CallNextIntegration">

<n30:title/>

 <n30:detail/>

 <n30:errorCode/>

 <na:errorDetails>>

<n30:type>http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5</ns0:type>

 <n30:title>Not Found</ns0:title>

<ns:errorCode>404</ns):errorCode>

<nao:errorPath>&lt;! [CDATA[Inbound JaxrsResponse(context=ClientResponse(method=POST, uri=http://rest-adapter:8080/ic/api/integration/vi/flows/rest/INT324_HCM_CCS_NEWHIR MAIN/1.0/NewHireEmpElecAllow/main, status=404, reason Not Found)}]] &gt;</n30:errorPath>

<n30:instance>&lt;! [CDATA[Please check the URL and try again. There are no currently active integrations serving /ic/api/integration/vi/flows/rest/INT324_HCM_CCS_NEWHIRMAIN/1.0/NewHireEmpElecAllow/main. The HTTP 404, 404 Not Found, and 404 error message is a Hypertext Transfer Protocol (HTTP) standard response code, in computer network communications, to indicate that the client was able to communicate with a given server, but the server could not find the resource that was requested. Carefully re-examine the target endpoint that is being called. )&gt;</n30:instance></nao:errorDetails></n50: APIInvocationError> ] 

Solution:

Ensure that the Project Code, Integration Code, and Version are correctly mapped in the invoke action using a Lookup.

Steps:

1. Open the integration where the local call is being made.
2. Use a Lookup to dynamically fetch the Project Code, Integration Code, and Version.
3. Ensure the endpoint URL is correctly formed using these values.
4. Verify that the lookup values match the actual integration details in the project.
5. Save, activate, and test the integration again.

This ensures dynamic mapping and avoids hardcoded values, resolving the 404 error.

OIC - Oauth initiation error at runtime - Access token is not available. Please re-initiate the oauth flow to obtain an access token | Provide consent issue.

Use Case: OAuth Authentication Failure in Oracle Integration Cloud (OIC)

Scenario:

An OIC integration flow that connects to an external REST API using OAuth authentication encounters an error:

Error Code: REST_AUTH_INIT_ERR

Error Message: "OAuth initiation error at runtime. Access token is not available. Please re-initiate the OAuth flow to obtain an access token. This indicates that OIC is unable to obtain or refresh the OAuth access token, leading to authentication failure.

Detailed Error Details:

<fault xmlns="http://xmlns.oracle.com/cloud/oic/gen3fault"> <trace Id>42c1b064a7ee002c7fd445e94f7429cc</traceId><requestId>IFIKKU95FTG26XUAYGUIOGA962D61JU2/03E977E96A93EE7EBDCE38C05CA6119E/3760E5ED3B4A4E18AA92084886501BC9</requestId><errorId/><flowId>UUzyG9_VEe-qZTGEjn7VoQ </flowld><errorType>InternalError</errorType><origin>tech-adapters-7569567778-z8qrn</origin><errorCode>REST_AUTH_INIT_ERR</errorCode><faultName> ns0: Server/faultName><retriable>false</retriable><reason>OAuth initiation error at runtime.</reason><details> <details minn="">Fault Details: <genericRestFault><errorCode>REST_AUTH_INIT_ERR</errorCode><error Path>Access token is not available. Please re-initiate the oauth flow to obtain an access token.</errorPath><instance>OAuth initiation error at runtime.</instance></genericRestFault></detailn></details></fault>

Solution steps:

1. Verify & Test Connection

Go to OIC Home → Integrations → Connections and test the REST connection.

If it fails, re-enter the Client ID, Client Secret, and Token URL.

2. Provide OAuth Consent

Log in to the OIC console using a user account with the necessary permissions to provide consent. Edit the connection causing the issue, click on Provide Consent, and it should display as authenticated.

3. Reactivate the integration.

End to End Securing Data in Oracle Integration Cloud (OIC) with OCI Vault: AES for Encryption & Decryption & RSA for Signing and verification | Implement message-level encryption in Oracle Integration using OCI Vault

Scenario:

A company is integrating Oracle Integration Cloud (OIC) with an external financial system to exchange sensitive payroll data securely. The external system encrypts and signs the data before sending it to OIC. OIC must decrypt and verify the data, process it, then encrypt and sign the response before sending it back.

Solution Approach

1. Incoming Data: Decrypt & Verify in OIC

1. The source system encrypts the data using AES-256 (symmetric encryption) and signs it using an RSA private key.
2. OIC receives the encrypted and signed payload.
3. OIC retrieves the AES decryption key and RSA public key from OCI Vault.
4. OIC decrypts the data using AES and verifies the signature using RSA.

2. Outgoing Data: Encrypt & Sign in OIC

1. After processing the data, OIC encrypts the response using AES-256.
2. OIC signs the encrypted data using an RSA private key.
3. The response is sent back to the source system.
4. The source system retrieves the AES key to decrypt the data and verifies the RSA signature using OIC’s public key.

Implementation in OIC with OCI Vault

1. Key Management in OCI Vault

• Store the AES encryption/decryption key for data security.
• Store RSA key pairs (private for signing, public for verification).
• Use OCI Vault’s Key Management APIs to securely fetch keys.

2. OIC Integration Implementation

• Configure REST connection to OCI Vault for key retrieval.
• Use AES encryption/decryption logic in OIC.
• Implement RSA signing and verification in OIC using the retrieved keys.

Detailed steps with screenshots:

Here we will create two common service which will perform the following:

1. Encryption service: It will perform encrypt and signing.
2. Decryption service: It will perform verify and decrypt.

Rest APIs used:

Encrypt: post /20180608/encrypt

Decrypt: post /20180608/decrypt

Sign: post /20180608/sign

Verify: post /20180608/verify

Rest Connection:

Encrypt and signing:

Integration flow:

Rest trigger:

Encrypt:

Signing:

Decrypt and Verify:

Integration flow

Rest Trigger

Verify:

Decrypt:

Reference:

https://docs.oracle.com/en/solutions/oic-message-level-encryption/index.html

https://docs.oracle.com/en-us/iaas/api/#/en/key/release/EncryptedData/Encrypt