Skip to content

OCI Troubleshooting and Validation

This section provides validation steps and troubleshooting procedures for the Oracle Cloud Infrastructure integration.


Validation Steps

After clicking Connect, verify the following:

  1. Account Status: Ensure the status shows Verified in the SailPoint Entro Console.

    1. If an Error status is shown, click on it to see the error message.
  2. Initial Scan: Confirm that OCI users appear in the NHI Inventory section.

  3. Sync Timestamp: Check the Last Sync time on the OCI integration card.

Common Issues

Issue Potential Cause Resolution
Status: Error (401 error) Incorrect OCID or Fingerprint. Double-check the Tenancy OCID and User OCID from the OCI Console.
Invalid Signature Private Key mismatch. Ensure the pasted PEM content includes the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- headers.
Permission Denied Missing IAM Policies. Verify that the entro-readers group has all five required policy statements applied at the tenancy level.
Region Error Mismatched region. Ensure the region provided (e.g., us-phoenix-1) matches the home region where the API key was generated.

Advanced Diagnostics

When connection fails, SailPoint Entro performs a "smoke test" by attempting to ListCompartments. A 401 Unauthorized response indicates the API key or signature is invalid. A 403 Forbidden response suggests the IAM policies are likely missing.