Create an Oracle connection

Release version: Australia

Updated March 12, 2026

3 minutes to read

Establish a zero copy connection to an external Oracle database in Zero Copy Connector Hub.

Before you begin

You can optimize queries to Oracle by enabling table statistics. Consult your data source admin to confirm whether table statistics are enabled in Oracle before enabling this option in Zero Copy Connector Hub.

Role required: df_connection_admin

About this task

Work with your data source admin to create a connection to Oracle. For additional information about connecting to Oracle, refer to the Oracle documentation.

Procedure

Navigate to the available primary connectors in Zero Copy Connector Hub in one of the following ways:
- Navigate to All > Zero Copy Connector Hub > Available connectors > Primary connectors.
- Navigate to Admin > Zero Copy Connector Hub > Available connectors > Primary connectors.
Find the Oracle connector and select Connect.

On the form, fill in the fields.

Table 1. New Oracle Connection form
Field	Description
Name and description
Connection label	Unique name for this connection. This helps in identifying the connection within your system.
Connection name	System-generated name based on the Connection label. This field cannot be modified once the connection is established.
Short description	Description of the connection explaining what it is about.
Connection attributes
Connection URL	JDBC URL from the tnsnames.ora file in the wallet to establish the connection. For example: `jdbc:oracle:thin:@(description=(address=(protocol=tcps)(port=<port>)(host=<host>))(connect_data=(service_name=<service-name>)))`
Enable table statistics	Option to enable table statistics. Optimize SQL queries using table statistics by selecting this option. Enabling table statistics allows the system to use estimates of stored data such as row count, distinct values, and data size for enhanced query processing. Note: You must ensure that gathering table statistics is enabled in the data source before selecting this option.

Configure the authentication method that you want to use with Oracle.

Option	Description
Username / Password	Option to use basic authentication. Enter the database username associated with the source. Enter the database password associated with the username.
OAuth	Option to use OAuth authentication. OAuth authentication requires an OAuth entity profile configured in the Application Registries [oauth_entity] table with your Oracle or IdP credentials. Oracle supports only the Access Token credential type. This option keeps credentials within the instance and uses the ServiceNow AI Platform OAuth framework for token lifecycle management. For details on creating an OAuth entity profile, see Use a third-party OAuth provider. When configuring the profile, select Client Credentials as the grant type. If your OAuth provider requires scopes, add them on the OAuth Entity Scopes tab. Consult your data source or identity provider documentation for the required scope values. Select the OAuth entity profile for your Oracle or IdP service principal.

Option

Description

Username / Password

Option to use basic authentication.

Enter the database username associated with the source.
Enter the database password associated with the username.

OAuth

Option to use OAuth authentication.

OAuth authentication requires an OAuth entity profile configured in the Application Registries [oauth_entity] table with your Oracle or IdP credentials. Oracle supports only the Access Token credential type.

This option keeps credentials within the instance and uses the ServiceNow AI Platform OAuth framework for token lifecycle management. For details on creating an OAuth entity profile, see Use a third-party OAuth provider. When configuring the profile, select Client Credentials as the grant type. If your OAuth provider requires scopes, add them on the OAuth Entity Scopes tab. Consult your data source or identity provider documentation for the required scope values.

Select the OAuth entity profile for your Oracle or IdP service principal.

Configure connection security.

Option	Description
Default	Select this option to use Java security CA certificates to establish a secure connection with the data source. This option uses public certificates that are already available in the Java security truststore.
mTLS	Select this option if your data source requires two-way SSL and uses its own certificates.

If you selected mTLS, select a keystore type and configure the required certificates.

Option Description

Keystore - PEM (secure)

Option	Description
Keystore - PEM (secure)	Attach the wallet PEM file from the wallet folder using one of the following options: Upload the wallet PEM file by selecting Attach PEM file and selecting the file. Copy and paste the contents of the PEM file, ensuring the content contains one private key beginning with: `-----BEGIN ENCRYPTED PRIVATE KEY-----` and ending with: `-----END ENCRYPTED PRIVATE KEY-----` and two certificates, each beginning with: `-----BEGIN CERTIFICATE-----` and ending with: `-----END CERTIFICATE-----` Enter the PEM file password associated with the wallet.
Keystore - JKS (secure)	Attach the Base64-encoded truststore.crt file from the wallet folder using one of the following options: Upload the truststore file by selecting Attach TrustStore file and selecting the file. Copy and paste the contents of the truststore file, ensuring the content begins with: `-----BEGIN CERTIFICATE-----` and ends with: `-----END CERTIFICATE-----` Attach the Base64-encoded keystore.crt file from the wallet folder using one of the following options: Upload the keystore file by selecting Attach KeyStore file and selecting the file. Copy and paste the contents of the keystore file. Enter the truststore password associated with the wallet. Enter the keystore password associated with the wallet.

Attach the wallet PEM file from the wallet folder using one of the following options:
- Upload the wallet PEM file by selecting Attach PEM file and selecting the file.
- Copy and paste the contents of the PEM file, ensuring the content contains one private key beginning with:
```
-----BEGIN ENCRYPTED PRIVATE KEY-----
```
  and ending with:
```
-----END ENCRYPTED PRIVATE KEY-----
```
  and two certificates, each beginning with:
```
-----BEGIN CERTIFICATE-----
```
  and ending with:
```
-----END CERTIFICATE-----
```
Enter the PEM file password associated with the wallet.

Keystore - JKS (secure)

Attach the Base64-encoded truststore.crt file from the wallet folder using one of the following options:
- Upload the truststore file by selecting Attach TrustStore file and selecting the file.
- Copy and paste the contents of the truststore file, ensuring the content begins with:
```
-----BEGIN CERTIFICATE-----
```
  and ends with:
```
-----END CERTIFICATE-----
```
Attach the Base64-encoded keystore.crt file from the wallet folder using one of the following options:
- Upload the keystore file by selecting Attach KeyStore file and selecting the file.
- Copy and paste the contents of the keystore file.
Enter the truststore password associated with the wallet.
Enter the keystore password associated with the wallet.

Select Connect.

Result

A test connection is made to the external data source, verifying that the connection details are correct and the data source is accessible.

What to do next

If the connection succeeds, configure data steward access on the Access Control tab. See Manage access to an established connection using roles.

If the connection fails, verify the connection details with your data source administrator and try again.