Before you use an alternative authentication provider, you must configure suitable groups and users. You then associate them with the application roles within your BI Service Instance. Follow these steps to set up an alternative authentication provider.
Oracle Business Intelligence does not require or mandate any specific users or groups, and in a production environment your corporate Identity Store, for example Oracle Internet Directory (OID), would typically already contain users and groups relevant to you organization. However, for an example of how you might set up a simple system based on the Sample App Lite or Starter Applications, see An Example Security Setup of Users, Groups, and Application Roles.
- Create groups in the alternative authentication provider similar to the application roles from your BI Service Instance, for example, using the Sample Application:
BIServiceAdministrators, BIContentAuthors, BIConsumers
- Create users in the alternative authentication provider, corresponding to the created groups. For example:
BISERVICEADMIN, BICONTENTAUTHOR, BICONSUMER
- Assign the users to respective groups n the alternative authentication provider.
For example, assign BISERVICEADMIN user to the BIServiceAdministrators group.
- Make the BIContentAuthors group part of the BIConsumers group in the alternative authentication provider.
This grouping enables BIContentAuthors to inherit permissions and privileges of BIConsumers.