Single sign-on (SSO) for Oracle Financial Management Analytics is implemented through Oracle BI EE. Oracle BI EE and Shared Services must be connected to the same LDAP/MSAD for single sign-on to work; otherwise, users do not match.
User provisioning is set through Shared Services. See the Oracle Enterprise Performance Management System Security Configuration Guide.
For information on setting up SSO and other security settings, see the Oracle® Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition.
When Oracle Financial Management Analytics is launched, credentials are verified on the LDAP/MSAD store. The SSO token is generated and passed through the ADM Driver to Financial Management. The user who logs in to Oracle BI EE is the user whose credentials are used to query Financial Management.
When you provide the connection URL in the repository (RPD) file, you must enter a valid Shared Services user name. If using a shared connection, the user must be provisioned for the Financial Management application. The user who logs in to Oracle BI EE must have permission to view the reports, as shown below:
For Financial Management and Tax Applications, use the Financial Management user ID.
For Financial Close Management, use the Financial Close Management database schema user with, at minimum, read rights.
For additional information on setting and managing security, see the following guides:
Oracle® Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition
Oracle Hyperion Enterprise Performance Management System User and Role Security Guide
Oracle Hyperion Enterprise Performance Management System Security Administration Guide