Single sign-on (SSO) for Oracle Financial Management Analytics is implemented through Oracle BI EE, but authorization is through Financial Management. Oracle BI EE and Shared Services must be connected to the same LDAP/MSAD store; otherwise, users do not match.
User provisioning is set through Shared Services. See the Oracle Hyperion Enterprise Performance Management System Security Administration Guide.
For information on setting up single sign-on (SSO) and other security settings, see the Oracle® Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition.
When Oracle Financial Management Analytics is launched, the credentials are verified on the LDAP/MSAD store. The single sign-on token is generated and passed through the ADM Driver to Financial Management.
When you provide the connection URL in the repository (RPD) file, you must enter a valid Shared Services user name. That user must be provisioned for the Financial Management application only if they plan to use shared logon. The user who logs into Oracle BI EE, is the user whose credentials are used to query Financial Management.
The user must have permission to view the reports, as shown below:
For all Oracle Financial Management Analytics, except the Close Schedule Summary, use the Financial Management user ID.
For the Close Schedule Summary only, use the Financial Close Management database schema user with at least view rights.
For additional information on setting and managing security, see the following guides:
Oracle® Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition
Oracle Hyperion Enterprise Performance Management System User and Role Security Guide
Oracle Hyperion Enterprise Performance Management System Security Administration Guide