Go to main content
1/34
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
What's New In This Guide
Updates in January 2019 Documentation Refresh for 11
g
Release 2 (11.1.2.3.0)
Updates in July 2018 Documentation Refresh for 11
g
Release 2 (11.1.2.3.0)
Updates in April 2018 Documentation Refresh for 11
g
Release 2 (11.1.2.3.0)
Updates in March 2018 Documentation Refresh for 11
g
Release 2 (11.1.2.3.0)
Updates in October 2017 Documentation Refresh for 11
g
Release 2 (11.1.2.3.0)
Updates in January 2017 Documentation Refresh for 11
g
Release 2 (11.1.2.3.0)
Updates in July 2016 Documentation Refresh for 11
g
Release 2 (11.1.2.3.0)
Updates in April 2016 Documentation Refresh for 11
g
Release 2 (11.1.2.3.0)
New and Changed Features for 11
g
Release 2 (11.1.2.3.0)
Other Significant Changes in this Document for 11
g
Release 2 (11.1.2.3.0)
1
Overview of the Oracle Identity Self Service Interface
1.1
Top Panel
1.1.1
Accessibility
1.1.2
Sandboxes
1.1.3
Customize
1.1.4
Help
1.1.4.1
Top Pane
1.1.4.2
Lower Left Pane
1.1.4.3
Lower Right Pane
1.1.5
Inbox
1.1.6
Sign Out
1.2
Self Service Home page
1.2.1
My Information
1.2.2
My Access
1.2.3
Request Access
1.2.4
Track Request
1.2.5
Provisioning Tasks
1.2.6
Certifications
1.2.7
Pending Approvals
1.2.8
Pending Violations
1.3
Compliance Home Page
1.3.1
Identity Certification
1.3.2
Reports
1.3.3
Identity Audit
1.4
Manage Home page
1.4.1
Managing Users
1.4.2
Managing Roles
1.4.3
Managing Organization
1.4.4
Managing Administration Roles
1.4.5
Managing Password Policies
Part I Getting Started
2
Registering to Oracle Identity Manager
2.1
Submitting Registration Requests
2.2
Tracking Registration Requests
3
Accessing Oracle Identity Self Service
3.1
Connecting to Oracle Identity Self Service
3.2
Retrieving Forgotten User Login
3.3
Resetting Forgotten Password
3.4
Setting Challenge Questions and Response After First Login
Part II Working with Self Service
4
Managing Profile Information
4.1
Managing Basic User Information
4.2
Changing Password
4.3
Setting Challenge Questions and Response
4.4
Viewing and Modifying Direct Reports
4.5
Managing Proxies
4.5.1
Adding a Proxy
4.5.2
Editing a Proxy
4.5.3
Removing a Proxy
5
Managing Access for Self
5.1
Managing Roles
5.1.1
Requesting for Roles
5.1.2
Removing Roles
5.1.3
Modifying Role Grant Duration
5.2
Managing Entitlements
5.2.1
Requesting for Entitlements
5.2.2
Modifying Entitlements
5.2.3
Removing Entitlements
5.2.4
Modifying Entitlement Grant Duration
5.3
Managing Accounts
5.3.1
Requesting for Accounts
5.3.2
Modifying Accounts
5.3.3
Removing Accounts
5.3.4
Disabling an Account
5.3.5
Enabling an Account
5.3.6
Resetting Password for an Account
5.3.7
Modifying Account Grant Duration
5.4
Viewing Admin Roles
6
Requesting Access
6.1
Requesting New Access
6.1.1
Requesting Access for Self
6.1.2
Requesting Access for Other Users
6.1.3
Requesting Access By Using a Request Profile
6.1.4
Using Keyword Search in the Access Catalog
6.1.5
Specifying Application Instances in Entitlements Search
6.1.6
Refining Search Results
6.2
Viewing Hierarchical Attributes of Entitlements
6.3
Adding and Removing Catalog Items to and from the Cart
6.4
Adding and Removing Grant Duration
6.4.1
Specifying Grant Duration
6.4.2
Modifying Grant Duration
6.4.3
Revoking Access
6.5
Managing Request Profiles
6.5.1
Creating a Request Profile
6.5.2
Modifying a Request Profile
6.5.3
Deleting a Request Profile
6.6
Tracking a Request
6.6.1
Searching Track Request
6.6.2
Tracking a Draft Request
6.7
Deleting a Request
6.8
Withdrawing a Request
6.9
Closing a Request
6.10
Requesting Access With Policy Violations
7
Using the Unified Inbox
7.1
Overview of the Unified Inbox
7.2
Creating a View Definition
7.3
Editing the Task Chart
7.4
Editing Inbox Settings
8
Managing Pending Approvals
8.1
Viewing Pending Approval Tasks
8.2
Adding Comments and Attachments
8.3
Approving a Task
8.4
Rejecting a Task
8.5
Reassigning a Task
8.6
Suspending a Task
8.7
Withdrawing a Task
8.8
Skipping Current Assignment
8.9
Claiming a Task
8.10
Modifying Grant Duration
9
Managing Provisioning Tasks
9.1
Managing Pending Provisioning Tasks
9.1.1
Searching Provisioning Tasks
9.1.1.1
Basic Search
9.1.1.2
Advanced Search
9.1.2
Viewing Provisioning Task Details
9.1.3
Setting Response for a Task
9.1.4
Adding Notes to a Task
9.1.5
Reassigning a Task
9.1.6
Viewing Task Assignment History
9.1.7
Viewing Form Details
9.1.8
Modifying Form Details
9.1.9
Retrying a Task
9.1.10
Manually Completing a Task
9.2
Managing Manual Fulfillment Tasks
9.2.1
Viewing and Editing Task Details
9.2.2
Completing a Task
9.2.3
Rejecting a Task
9.2.4
Adding Comments and Attachments
9.2.5
Requesting for Information
9.2.6
Reassigning a Task
9.2.7
Modifying Grant Duration
10
Managing Certification Review Tasks
10.1
Searching and Viewing Certifications
10.1.1
Searching Certifications in the Pending Certifications Page
10.1.2
Accessing Certification Tasks From the Pending Certifications Page
10.1.2.1
Viewing User Certification Details
10.1.2.2
Viewing Role Certification Details
10.1.2.3
Viewing Application Instance Certification Details
10.1.2.4
Viewing Entitlement Certification Details
10.2
Completing Certifications
10.2.1
Completing User Certifications
10.2.1.1
Making Certification Decision on the Users
10.2.1.2
Reviewing Roles and Entitlements
10.2.1.3
Finishing the User Certification
10.2.2
Completing Role Certifications
10.2.2.1
Making Certification Decisions on the Roles
10.2.2.2
Reviewing the Contents of the Roles
10.2.2.3
Finishing the Role Certification
10.2.3
Completing Application Instance Certifications
10.2.3.1
Making Certification Decisions on the Application Instances
10.2.3.2
Reviewing Account and Entitlement Assignments
10.2.3.3
Finishing the Application Instance Certification
10.2.4
Completing Entitlement Certifications
10.2.4.1
Making Certification Decisions on the Entitlements
10.2.4.2
Reviewing the Entitlement Assignments
10.2.4.3
Finishing the Entitlement Certification
11
Managing Pending Violations
11.1
Viewing Policy Violations
11.2
Searching Pending Violations
11.3
Completing Policy Violations
11.4
Reassigning or Delegating Policy Violations
Part III Working with Compliance
12
Using Identity Certification
12.1
Identity Certification Overview
12.1.1
What Is Identity Certification?
12.1.2
Who Is Involved in Completing Identity Certifications?
12.2
Certification UI
12.3
Certification Name Formats
12.4
Searching and Viewing Certifications
12.4.1
Searching Certifications in the Dashboard
12.4.2
Viewing Certifications From the Dashboard
12.5
Completing User Certifications in Offline Mode
12.6
Generating Certification Reports
12.6.1
Generating Certification Reports From the Dashboard
12.6.2
Generating Exported Certification Reports From the Certification Pages
13
Managing Identity Certification
13.1
Certification Concepts
13.1.1
Line of Business and Line Item
13.1.2
Certification Task
13.1.3
Certification Object
13.1.4
Certification Definition
13.1.5
Certification Jobs
13.1.6
Closed-Loop Remediation
13.1.7
Remediation Tracking
13.1.8
Event Listener
13.1.9
Certification Authorization
13.2
Configuring Certifications
13.2.1
Prerequisites for Configuring Certifications
13.2.1.1
Marking a Catalog Item as Certifiable
13.2.1.2
Setting the Certifier in the Request Catalog
13.2.1.3
Setting User Manager and Organization Certifier
13.2.1.4
Setting User Attributes for Certification Snapshot
13.2.1.5
Setting Risk Levels for Individual Entities
13.2.1.6
Tagging Attributes
13.2.1.7
Configuring the Availability of Identity Certification
13.2.1.8
Configuring Reminders, Notifications, Escalations, and Expiry for Certifications (Optional)
13.2.2
Configuring Certification Options
13.3
Managing Certification Definitions
13.3.1
Creating Certification Definitions
13.3.1.1
Creating a User Certification Definition
13.3.1.2
Creating a Role Certification Definition
13.3.1.3
Creating an Application Instance Certification Definition
13.3.1.4
Creating an Entitlement Certification Definition
13.3.2
Modifying Certification Definitions
13.3.3
Deleting Certification Definitions
13.4
Scheduling Certifications
13.5
Understanding How Risk Summaries are Calculated
13.5.1
Understanding Item Risk and Risk-Factor Mappings
13.5.1.1
Setting Item Risk
13.5.1.2
Understanding Risk-Level Mappings (Risk Factors)
13.5.2
Understanding Risk Aggregation and Risk Summaries
13.5.3
Understanding How Changing Risk Configuration Values Impacts the System
13.6
Understanding Closed-Loop Remediation and Remediation Tracking
13.6.1
Configuring Challenge Workflows
13.6.2
Disabling Accounts When Revoked
13.7
Understanding Event Listeners
13.8
Configuring Event Listeners and Certification Event Trigger Jobs
13.8.1
Creating an Event Listener
13.8.2
Modifying an Event Listener
13.8.3
Deleting an Event Listener
13.8.4
Configuring Certification Event Trigger Jobs
13.8.4.1
Setting the Event Listener Name List
13.8.4.2
Adding More Trigger Jobs
13.9
Configuring Certification Reports
13.10
Understanding Multi-Phased Review in User Certification
13.10.1
Multiple Phases of Review
13.10.2
Delegation to Multiple Reviewers Within Each Phase
13.10.3
Stages of Certification in TPAD
13.10.3.1
Phase One With Verification
13.10.3.2
Phase Two With Verification
13.10.3.3
Final Review
13.11
Understanding Certification Oversight
13.12
Troubleshooting Identity Certification
14
Managing Identity Audit
14.1
Identity Audit Concepts
14.1.1
Identity Audit Rules
14.1.2
Rule Condition
14.1.3
Identity Audit Policies
14.1.4
Scan Definitions
14.1.5
Scan Jobs
14.1.6
Policy Violations
14.1.7
Remediators
14.1.8
Policy Violation Remediation
14.1.8.1
Violation Causes
14.1.8.2
Policy Violation States
14.1.9
Policy Violation Reports
14.2
Enabling Identity Audit
14.3
Configuring Identity Audit
14.3.1
Setting Identity Audit Options
14.3.2
Configuring Reminders, Notifications, Escalations, and Expiry for Identity Audit (Optional)
14.4
Managing IDA Rules
14.4.1
Searching Rules
14.4.1.1
Performing Basic Search for Rules
14.4.1.2
Performing Advanced Search for Rules
14.4.2
Creating Rules
14.4.3
Understanding Rule Expressions
14.4.4
Modifying Rules
14.4.5
Duplicating Rules
14.4.6
Deleting Rules
14.5
Managing IDA Policies
14.5.1
Searching Policies
14.5.1.1
Performing Basic Search for Policies
14.5.1.2
Performing Advanced Search for Policies
14.5.2
Creating IDA Policies
14.5.3
Modifying IDA Policies
14.5.4
Duplicating IDA Policies
14.5.5
Deleting IDA Policies
14.5.6
Previewing the Results of IDA Policies
14.6
Managing Scan Definitions
14.6.1
Searching Scan Definitions
14.6.1.1
Performing Basic Search for Scan Definitions
14.6.1.2
Performing Advanced Search for Scan Definitions
14.6.2
Creating Scan Definitions
14.6.3
Modifying Scan Definitions
14.6.4
Running and Viewing Scans
14.7
Managing Policy Violations
14.7.1
Searching Policy Violations
14.7.1.1
Performing Basic Search for Policy Violations
14.7.1.2
Performing Advanced Search for Policy Violations
14.7.2
Opening Policy Violation Details
14.7.3
Completing Policy Violations
14.7.4
Closing Policy Violations
14.7.5
Remediating or Closing Policy Violations Causes
14.7.6
Generating Identity Audit Policy Violation Reports
Part IV Working with Identity Administration
15
Managing Users
15.1
Searching Users
15.1.1
Basic Search
15.1.2
Advanced Search
15.1.3
Operations on Search Results
15.2
Creating a User
15.3
Viewing User Details
15.4
Modifying Users
15.4.1
Editing User Attributes
15.4.2
Requesting, Removing, and Modifying Roles
15.4.2.1
Requesting Roles for a User
15.4.2.2
Modifying a Role
15.4.2.3
Removing Roles from a User
15.4.2.4
Modifying Role Grant Duration
15.4.3
Requesting and Removing Entitlements
15.4.3.1
Requesting Entitlements for a User
15.4.3.2
Removing Entitlements from a User
15.4.3.3
Modifying Entitlement Grant Duration
15.4.4
Requesting, Removing, and Modifying Accounts
15.4.4.1
Requesting for an Account
15.4.4.2
Modifying an Account
15.4.4.3
Removing an Account
15.4.4.4
Marking an Account as Primary
15.4.4.5
Disabling an Account
15.4.4.6
Enabling an Account
15.4.4.7
Modifying Account Grant Duration
15.4.5
Modifying Details of Direct Reports
15.5
Disabling a User
15.6
Enabling a User
15.7
Deleting a User
15.8
Locking a User Account
15.9
Unlocking a User Account
15.10
Resetting the User Password
16
Managing Roles
16.1
Role Membership Inheritance
16.1.1
About Role Membership Inheritance
16.1.2
Evaluate Policies for Role Inheritance
16.2
Default Roles
16.3
Role Management Tasks
16.3.1
Creating Roles
16.3.2
Managing Roles
16.3.2.1
Searching for Roles
16.3.2.2
Viewing and Administering Roles
16.3.2.3
Viewing Role Analytics
16.3.2.4
Deleting Roles
17
Managing Organizations
17.1
Searching Organizations
17.1.1
Basic Search
17.1.2
Advanced Search
17.2
Creating an Organization
17.3
Viewing and Modifying Organizations
17.3.1
Modifying Organization Attributes
17.3.2
Managing Child Organizations
17.3.2.1
Creating a Child Organization
17.3.2.2
Deleting a Child Organization
17.3.2.3
Disabling a Child Organization
17.3.2.4
Enabling a Child Organization
17.3.2.5
Opening a Child Organization
17.3.3
Viewing Organization Membership
17.3.4
Managing Dynamic Organization Membership
17.3.4.1
Creating a Dynamic Organization Membership Rule
17.3.4.2
Modifying a Dynamic Organization Membership Rule
17.3.4.3
Deleting a Dynamic Organization Membership Rule
17.3.5
Managing Admin Roles
17.3.5.1
Granting an Admin Role
17.3.5.2
Revoking an Admin Role
17.3.6
Viewing Available Accounts
17.3.7
Viewing Provisioned Accounts
17.3.7.1
Provisioning a Resource
17.3.7.2
Revoking a Resource
17.3.7.3
Viewing the Details of a Provisioned Resource
17.3.7.4
Disabling a Provisioned Resource
17.3.7.5
Enabling a Provisioned Resource
17.3.7.6
Viewing Resource History
17.3.8
Viewing Available Entitlements
17.4
Creating a User Member
17.5
Creating a Suborganization
17.6
Disabling and Enabling Organizations
17.7
Deleting an Organization
18
Managing Administration Roles
18.1
Admin Roles
18.2
Overview of Admin Role Attributes
18.2.1
Admin Role Capability
18.2.2
Admin Role Scope of Control
18.2.3
Admin Role Publication
18.3
Searching Admin Role
18.3.1
Basic Search
18.3.2
Advanced Search
18.4
Creating an Admin Role
18.5
Viewing and Modifying Admin Role
18.6
Deleting Admin Role
18.7
Controlling End User Actions
19
Managing Password Policies
19.1
Searching Password Policies
19.1.1
Basic Search
19.1.2
Advanced Search
19.2
Creating a Password Policy
19.3
Setting Password Policy Rules
19.4
Evaluating Password Policies
19.5
Setting Challenge Options
19.6
Deleting a Password Policy
19.7
Associating Password Policies with Organization
Part V Reporting
20
Running Reports
20.1
Running Oracle Identity Manager Reports
20.2
Running Policy Violation Reports
Part VI Appendix
A
Personalizing Self Service
A.1
Performing Search in Self Service
A.1.1
Basic Search
A.1.2
Advanced Search
A.2
Adding and Removing Attributes in Advanced Search Criteria
A.3
Personalizing the Search Result
A.4
Using Saved Search
A.4.1
Creating a Saved Search
A.4.2
Personalizing Saved Search
A.4.3
Deleting a Saved Search
A.4.4
Using Saved Search to Perform a Search Operation
A.5
Sorting Data in Search Results
A.6
Using Query By Example
B
Functional Capabilities
Scripting on this page enhances content navigation, but does not change the content in any way.