About Oracle Identity Cloud Service User Accounts and Groups

This overview of user accounts and groups briefly explains what they are and how they are used.

A user account is an abstraction representing a way to be authenticated to access Oracle Identity Cloud Service. In Oracle Identity Cloud Service, the cardinality of relationship between user and account is one-to-one.

By default, all users can use their accounts to perform self-service capabilities in Oracle Identity Cloud Service. Users can update their profiles, reset their passwords, unlock their accounts, change their email preferences, and link social login accounts. As an Identity Domain Administrator, you may want to provide a user account with administrative capabilities in Oracle Identity Cloud Service. For example, in order to off-load some responsibilities, you may want to assign a user the User administrator role so that they can manage users, groups, and group memberships. To provide a user account with administrative capabilities, you assign administrator roles to user accounts. See Understanding Administrator Roles for more information about administrator roles and privileges that you can assign to user accounts.

As an administrator, you have easy and controlled privilege management through groups. Groups are the links between user accounts and applications in Oracle Identity Cloud Service. Groups are designed to facilitate the administration of privileges that you grant to user accounts. See Managing Oracle Identity Cloud Service Groups.