In Oracle Identity Manager, you have access to entities, such as roles, entitlements, accounts, and admin roles. The entities to which you have access are displayed in the My Access section of the Oracle Identity Self Service. Typical tasks you perform in the My Access section are described in the following topics:
Tip:
Adding and removing entities, such as roles, entitlements, and accounts, go through requests that are subject to approval. Before you perform the steps to manage your access to entities, it is recommended that you see Chapter 9, "Managing Requests" for detailed information about requests in Oracle Identity Manager.The Roles tab in the My Access section displays the roles assigned to you. In this tab, you can perform the following:
To request for roles from the My Access page:
Log in to Identity Self Service.
Under My Profile, click My Access. The My Access page is displayed.
Click the Roles tab. A list of roles assigned to you is displayed.
Note:
In all the tabs in the My Access page, you can refine your search by using Query By Example. For information about using Query By Example, see "Using Query By Example".From the Actions menu, select Request. Alternatively, click Request Roles on the toolbar. The Catalog page is displayed.
Select a catalog item that you want to request. The summary information of the item is displayed below the Catalog Items section.
You can also select multiple items by pressing Ctrl and clicking the items.
Click Add Selected to Cart.
The selected items are added to the request cart.
Click Checkout. Alternatively, you can click Checkout on the Catalog page.
The Cart Details page is displayed.
Modification of selected role is possible only if the user is a Role Administrator for the organization to which the role is published. If the user is of any other role or an end-user, then the user can only view the role details.
To modify the details of a role assigned to you:
In the Roles tab of the My Access page, select a role whose details you want to modify.
From the Actions menu, select Open. Alternatively, click Open on the toolbar.
The Role: ROLE_DISPLAY_NAME page is displayed with details of the selected role. In this page, you can modify role attributes, role hierarchy, role membership, and publish the role to organizations. For details about these tasks, see "Managing Roles".
To remove roles assigned to you:
In the Roles tab of the My Access page, select a role that you want to remove.
From the Actions menu, select Remove. Alternatively, click Remove Roles on the toolbar. The Remove Roles catalog page is displayed.
Submit the request to remove roles. The role will be removed after the request is approved.
The Entitlements tab in the My Access page displays the entitlements assigned to you. In this tab, you can perform the following:
To request for entitlements:
In the My Access page, click the Entitlements tab. A list of entitlements assigned to you is displayed.
Note:
The Entitlements tab only displays entitlements with the Provisioned status. The status displayed here is entitlement status and not the account status.
In an upgraded deployment of Oracle Identity Manager 11g Release 2 (11.1.2.2.0), the entitlements provisioned to the users before the upgrade are not displayed in the Entitlements tab. To display the entitlements in the Entitlements tab after the upgrade, login to Oracle Identity System Administration, and run the Entitlement Assignments scheduled job. See "Predefined Scheduled Tasks" in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Manager for information about the Entitlement Assignments scheduled job.
From the Actions menu, click Request. Alternatively, click the Request Entitlements button on the toolbar or action from the Accounts tab. The Catalog page is displayed.
Select a catalog item that you want to request. The detailed information of the item will be displayed in a pop-up window after clicking the icon beside the catalog item.
You can also select multiple items by pressing Ctrl and clicking the items. You can also select a series of items by pressing Shift and then selecting the first and the last items in the series.
Click Add Selected to Cart or click Add to Cart beside the item to be added.
You can add items one bye one by clicking Add to Cart beside each item. The selected items are added to the request cart.
Click Checkout. Alternatively, you can click Edit and then click Checkout on the Request Cart page.
The Cart Details page is displayed.
The Target Users section displays the usernames of beneficiaries for the entitlement. You can click user details icon for a user to view the details of the user. If the entitlement is dependent on an account, the account is automatically added to the cart.
To add beneficiaries to the entitlement request:
Click the green plus symbol. The Advanced Search for Target Users dialog box is displayed.
Search and select one or more users that you want to add.
Click Add Selected to add the selected users to the Selected Users list. Alternatively, click Add All to add all the users to the Selected Users list.
Click Select. The selected users or beneficiaries are added to the Target Users section of the Request Cart Details page.
You can also select a user that you want to remove from the list of beneficiaries, and click the cross icon.
(Optional) For the requested entitlements, enter any additional information as needed. This additional information can be added using a form associated with the entitlement, provided the entitlement forms have been generated or re-generated by system administrators.
For example, you can enter effective start and end dates for the entitlement. Then, the approver can review and/or modify this additional information and decide whether the entitlements can be provisioned or not.
Note:
The corresponding application instance will also be displayed in the cart if the application instance is not already provisioned to the user.If the status is not Ready to Submit, then provide the required details and click Ready to Submit.
Submit the request from the Catalog page. The entitlement will be assigned after the request is approved.
Note:
If you want to save the cart in the request for editing or submitting later, then click Save as Draft. For information about creating a request, see "Creating Requests".To modify an entitlement assigned to you:
In the Entitlements tab, select the entitlement that you want to modify.
Click Modify Entitlement from the toolbar.
Modify and submit the request to modify entitlement. The entitlement will be modified after the request is approved.
To remove entitlements assigned to you:
In the Entitlements tab, select the entitlement that you want to remove.
From the Actions menu, select Remove. Alternatively, click Remove Entitlements from the toolbar. The Catalog page is displayed.
Submit the request. The entitlement will be removed after the request is approved.
Note:
If an account is revoked, its entitlements will be revoked. However, if an account is disabled, then its entitlements will remain granted.If entitlements have end dates and the end dates are reached, then the entitlements that are not yet revoked will be revoked.The Accounts tab in the My Access page displays the accounts assigned to you. In this tab, you can perform the following:
To request for accounts:
In the My Access page, click the Accounts tab. A list of accounts assigned to you is displayed.
From the Actions menu, click Request. Alternatively, click Request Accounts on the toolbar. The Catalog page is displayed.
Search for and select an account.
Click Add Selected to Cart.
Click Checkout and provide additional information as needed.
Submit the request from the Catalog page. The account will be assigned after the request is approved.
For information about creating a request, see "Creating Requests".
To modify accounts assigned to you:
In the Accounts tab, select an account that you want to modify.
From the Actions menu, select Modify. Alternatively, click Modify Accounts on the toolbar. The Catalog page is displayed.
Edit the attributes of the account.
Submit the request from the Catalog page. The account will be modified after the request is approved.
Note:
Changing the account password as part of the Modify operation in the Account form page will have no effect on the password. The account password can be changed using the Reset Password operation.As a workaround, you can hide the account password fields by customizing the UI.
To remove accounts assigned to you:
In the Accounts tab, select the account that you want to remove.
From the Actions menu, select Remove. Alternatively, click Remove Accounts from the toolbar. The Catalog page is displayed.
Submit the request to remove accounts. The accounts will be removed after the request is approved.
To disable an account:
In the Accounts tab, select an account that you want to disable.
From the Actions menu, select Disable. Alternatively, select Disable on the toolbar. The Catalog Page is displayed.
Submit the request to disable accounts. The accounts will be disabled after the request is approved.
To enable an account:
In the Accounts tab, select an account that you want to enable.
From the Actions menu, select Enable. Alternatively, select Enable on the toolbar. The Catalog Page is displayed.
Note:
The Enable icon will be active only when a disabled account is selected.Submit the request to enable accounts. The accounts will be enabled after the request is approved.
To reset password for an account assigned to you, use one of the following ways:
Go to the Accounts tab of the My Access page. Then, select an account and click Reset Password.
If you are an admin user, go to the Accounts tab of the Users page. Then, select an account and click Reset Password.