OCI Connection

OCI App Connection is a paid feature.If you’re using Infisical Cloud, then it is available under the Enterprise Tier. If you’re self-hosting Infisical, then you should contact team@infisical.com to purchase an enterprise license to use it.

Infisical supports the use of API Signing Key Authentication to connect with OCI.

Create OCI User

Search for 'Domains' and click as shown

Select domain

Select the domain in which you want to create the Infisical user account. Select Domain

Navigate to 'Users'

Click 'Create user'

Create user

The name, email, and username can be anything. Create User

Navigate to 'API keys'

After you’ve created a user, you’ll be redirected to the user’s page. Navigate to ‘API keys’. Select API Keys

Add API key

Click on ‘Add API key’ and then download or import the private key. After you’ve obtained the private key, click ‘Add’.

Store configuration

After creating the API key, you’ll be shown a modal with relevant information. Save the highlighted values (and the private key) for later steps. User Info

Create OCI Group

Search for 'Domains' and click as shown

Select domain

Select the domain in which you want to create the Infisical user account. Select Domain

Navigate to 'Groups'

Create group

The name and description can be anything. Ensure that you assign the user created in earlier steps to this group. Create Group

Store group name

After creating the group, take note of its name. It will be used in later steps.

Create OCI Policy

Search for 'Policies' and click as shown

Click 'Create Policy'

Create policy

The name and description can be anything. Click ‘Show manual editor’ and paste in the policy rules relevant to your task:

Secret Sync

Allow group <group name> to manage secret-family in compartment <compartment name>
Allow group <group name> to use keys in compartment <compartment name>
Allow group <group name> to use vaults in compartment <compartment name>
Allow group <group name> to inspect compartments in tenancy

Group Name: The name of the group you created in earlier steps.
Compartment Name: The name of the compartment which has your secrets vault.

If you’d like to grant Infisical access to all compartments, replace instances of compartment <compartment name> with tenancy.

You must create this policy on the root compartment, otherwise some functionality may not work.

Create OCI Connection in Infisical

Infisical UI
API

Navigate to App Connections

In your Infisical dashboard, navigate to the App Connections page in the desired project. App Connections Tab

Select OCI Connection

Click the + Add Connection button and select the OCI Connection option from the available integrations. Select OCI Connection

Fill out the OCI Connection Modal

Complete the OCI Connection form by entering:

A descriptive name for the connection
An optional description for future reference
The User OCID from earlier steps
The Tenancy OCID from earlier steps
The Region from earlier steps
The Fingerprint from earlier steps
The Private Key PEM from earlier steps

Connection Created

After clicking Create, your OCI Connection is established and ready to use with your Infisical project. OCI Connection Created

To create an OCI Connection, make an API request to the Create OCI Connection API endpoint.

Sample request

Request

curl    --request POST \
        --url https://app.infisical.com/api/v1/app-connections/oci \
        --header 'Content-Type: application/json' \
        --data '{
            "name": "my-oci-connection",
            "method": "access-key",
            "projectId": "7ffbb072-2575-495a-b5b0-127f88caef78",
            "credentials": {
                "userOcid": "ocid1.user.oc1..aaaaaaaagrp35tbkvvad4y2j7sug7xonua7dl2gfp4at2u5i5xj4ghnitg3a",
                "tenancyOcid": "ocid1.tenancy.oc1..aaaaaaaaotfma465m4zumfe2ua64mj2m5dwmlw2llh4g4dnfttnakiifonta",
                "region": "us-ashburn-1",
                "fingerprint": "9c:f6:18:23:92:73:f8:e1:85:2c:6a:e3:2c:7d:ec:8f",
                "privateKey": "[PRIVATE KEY PEM]"
            }
        }'

Sample response

Response

{
  "appConnection": {
      "id": "e5d18aca-86f7-4026-a95e-efb8aeb0d8e6",
      "name": "my-oci-connection",
      "projectId": "7ffbb072-2575-495a-b5b0-127f88caef78",
      "description": null,
      "version": 1,
      "orgId": "6f03caa1-a5de-43ce-b127-95a145d3464c",
      "createdAt": "2025-04-23T19:46:34.831Z",
      "updatedAt": "2025-04-23T19:46:34.831Z",
      "isPlatformManagedCredentials": false,
      "credentialsHash": "7c2d371dec195f82a6a0d5b41c970a229cfcaf88e894a5b6395e2dbd0280661f",
      "app": "oci",
      "method": "access-key",
      "credentials": {
        "userOcid": "ocid1.user.oc1..aaaaaaaagrp35tbkvvad4y2j7sug7xonua7dl2gfp4at2u5i5xj4ghnitg3a",
        "tenancyOcid": "ocid1.tenancy.oc1..aaaaaaaaotfma465m4zumfe2ua64mj2m5dwmlw2llh4g4dnfttnakiifonta",
        "region": "us-ashburn-1",
        "fingerprint": "9c:f6:18:23:92:73:f8:e1:85:2c:6a:e3:2c:7d:ec:8f"
      }
  }
}

Getting Started

Platform Reference

Connectivity

Authentication Methods

Self-host Infisical

Internals

Contributing

Create OCI User

Create OCI Group

Create OCI Policy

Create OCI Connection in Infisical

Sample request

Sample response

Getting Started

Platform Reference

Connectivity

Authentication Methods

Self-host Infisical

Internals

Contributing

​Create OCI User

​Create OCI Group

​Create OCI Policy

​Create OCI Connection in Infisical

​Sample request

​Sample response

Create OCI User

Create OCI Group

Create OCI Policy

Create OCI Connection in Infisical

Sample request

Sample response