The Integration blog covers the latest in product updates, best practices, customer stories, and more.

  • September 11, 2020

How to Configure the New Oracle Integration Cloud (OIC) Streams Adapter

John Graves
PaaS Cloud Integration Architect


I'm writing this blog because some of the existing documentation is a bit confusing and I initially struggled to get the new OIC Streams Adapter configured.

Connector Parameters

There are not many things to setup for the connector, but let me explain each one in detail:

Bootstrap Servers

If you search around, you'll find lots of different examples of how this should look.  Some use "cell-1" prefix, some show "console" prefix and others.

For The OIC Streams Adapter, this should be in the form:


where the "us-ashburn-1" is replaced with your region (e.g. us-ashburn-1,us-phoenix-1, etc).  This can be found in the URL when you login to the OCI console.

The rest should be the same and the port should be 9092.

SASL Username

This part can be confusing.  The docs often speak of an ID, but not meaning OCID.  Let me try to make it clear here.  It is made up of three parts:

1. Tenancy NAME.  This can be found in the OCI console by clicking on your username and then Tenancy.

2. Stream User NAME.  This is configured according to the documentation found here:

This is just the NAME of a user with authorization to publish or consume messages from the stream.

3. Stream Pool OCID.  In this case, we don't want the name, but the actual OCID of the stream pool.

This can easily be found on the streams page, stream pool, OCID.

These there are then concatenated together to form the SASL Username:

e.g. mytenancy/streaming-user/ocid1.streampool.oc1.iad.amaaaaaa...cf54nka

SASL Password

This is an authorization token generated for the streams user.

Go to the specific user to be used to publish or consume messages.  Click the Generate Token button.


This field can be confusing.  Depending on your browser, you download the trust details in different ways.  I've found that even the same browser behaves differently on Windows, MAC or Linux.

I'll show an example here, but it is unfortunate this can't be done for us.

Anyway, just go to your OCI console and click the security button from your browser:

Typically, in Chrome, it looks something like this:

When you click on the Certificate button, you'll see something like this:

Click Details, then pick the top level root certificate and then the export button.  Again, different OSes and browsers work differently, but the basic idea is the same.

Save this file somewhere.

Now you have to create a jks truststore.  To do this, you need to have Oracle Java installed on your computer and use the keytool found in the bin directory.

NOTE: You MUST use the Oracle Java to build the trust store.  I tried using OpenJDK and it did NOT work.

Make the keystore using a command like this:

/oracle/jdk/bin/keytool -keystore us-ashburn-1.jks -alias CARoot1 -import -file TopRoot.crt


  • /oracle/jdk/bin" is where your Java is installed.
  • us-ashburn-1.jks can be any name you want.
  • CARoot1 can be anything you want.
  • TopRoot.crt is the file you exported earlier.

This will create the jks file that you then upload to the Streams Adapter connector configuration.


At this point you should be able to click the "test" button and verify the configuration is correct.


This adapter works well, but setting it up can be confusing.  I hope this blog helps others avoid any headaches and clarifies exactly what to set in each field.


Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.