How to pass a username containing @ as a parameter

Question

I`m trying to open up for REST API-calls from PL/SQL in an Oracle database, and to do this, I need my user to be able to perform network calls.

After a bit of research, I believe the following approach should work:

BEGIN
    DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE(
        host => '*',
        ace => xs$ace_type(privilege_list => xs$name_list('connect'),
                           principal_name => 'my-user@my-domain',
                           principal_type => xs_acl.ptype_db));
END;

...and it does seem to work so long as my-user is a single / simple name, such as 'my-user'; The problem occurs when trying to apply this to a username containing an @, as in the example above.

In such cases, I get the error:

ORA-44003: invalid SQL name

When comparing a user containing @ in his username with one without it, the only obvious difference I can see it that the former has Authentication Type = EXTERNAL, whereas the latter has Authentication Type = PASSWORD, but I can't see why that should matter.

Rather it seems to me like this might be a syntax-related issue - can anyone either confirm or deny this, and point out the correct way to pass in the principal parameter in a case like this?

Answer 1

The principal is always a database user, so it can't have a @ in the name anyway. You need to specify the database user that will be executing the REST calls on behalf of the end user.