# Oracle Cloud {% hint style="warning" %} **Preview Feature**: Oracle Cloud integration is in a preview phase. Some features may be limited or require manual configuration. Please contact for help. {% endhint %} This guide walks you through installing and configuring P0's Oracle Cloud Infrastructure (OCI) integration for Just-in-Time (JIT) access to OCI groups. ## Overview P0's Oracle Cloud integration enables: * Just-in-Time access to OCI groups * Group membership management * Access policies using human-readable labels (group names, domain names, compartment names) ## Before You Begin Ensure you have the following: * A valid P0 account at [p0.app](https://p0.app/) * Oracle Cloud Infrastructure account with administrative access * A user with **Super Admin** or **IAM User Management** permissions in OCI * API key credentials for the administrative user {% hint style="info" %} This integration currently requires manual installation using an API key. We plan to support self-service installation in a future release. {% endhint %} ## Prerequisites ### OCI User Requirements The OCI user used for the integration must have one of the following: * **Super Admin** role in the identity domain * **IAM User Management** permissions at minimum ### Required Information Before starting the installation, gather the following: * **Tenancy OCID**: Your OCI tenancy identifier * **Domain OCID**: The identity domain OCID * **User OCID**: The OCID of the user with administrative permissions * **API Key**: Private key and fingerprint for API authentication * **Region**: The OCI region where your resources are located ## Installation ### Step 1: Generate API Key 1. Log into the Oracle Cloud Console. 2. Navigate to **Identity & Security** > **Users**. 3. Select the administrative user. 4. Under **Resources**, click **API Keys**. 5. Click **Add API Key** and either generate or upload a key pair. 6. Download the private key and note the fingerprint. ### Step 2: Configure P0 1. Navigate to **Integrations** on [p0.app](https://p0.app). 2. Select **Oracle Cloud** from the available integrations. 3. Enter the required configuration: * Tenancy OCID * Domain OCID * User OCID * API Key fingerprint * Private key content * Region 4. Click **Finish** to complete the installation. {% hint style="info" %} Contact if you need help with the installation process. {% endhint %} ## User Provisioning {% hint style="warning" %} Users must manually provision users in OCI IAM before they can use P0 to request group access. {% endhint %} Ensure that users who request access through P0 have: 1. An existing user account in your OCI identity domain. 2. The appropriate email matching their P0 identity. ## Requesting Access See the [Requesting Access](/integrations/resource-integrations/oracle-cloud/requesting-access.md) guide for details on how to request access to OCI groups. ## Access Policies Oracle Cloud access policies support human-readable labels instead of OCIDs, making policy configuration more intuitive. ### Available Filters You can create access policies based on: * **Group Name**: The display name of the OCI group * **Domain Name**: The identity domain name * **Compartment Name**: The compartment name ### Example Access Policy Instead of using OCIDs like: ocid1.group.oc1..aaaaaaaacyl5j2mn3y2tp5ivhcbrufcfaneeavnemphialfdrfe7uzio6lnq You can use friendly labels like: Group: Database Admins Domain: Production Compartment: Database Resources ## Limitations The current preview release has the following limitations: * Manual installation required (no self-service installer) * Users must be manually provisioned in OCI IAM * Group access only (specific resource requests coming in future releases) * API key authentication only (workload identity federation planned) ## Support For questions or issues with the Oracle Cloud integration, please contact . --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.p0.dev/integrations/resource-integrations/oracle-cloud.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.