Oracle® Retail Store Inventory Operations Cloud Services Implementation Guide Release 19.7 F70122-01 |
|
Previous |
Next |
By default, EICS provision one system operator user account and one customer delegate administrator user account. The customer delegate cloud administrator may create additional application admin accounts and implementation user account. Customer cloud administrator may also create a customer security admin user to manage users.
This section defines Security Terms used throughout this document.
Table 3-1 Security Terms
Term | Definition |
---|---|
Application Administrator |
A customer application admin user who can perform application configurations via EICS admin screen. |
Application Implementer |
System implementer is user who implements the application. |
Application Role |
An application role is a collection of users and other application roles. Application roles are defined in application and they are not necessarily known to a Java Container. |
Application System Operator |
Application system operator user can perform application setup and configurations, including operations which are restricted to other application users. |
Customer Cloud Administrator |
A delegated customer cloud user for customer cloud management tasks, for example create customer security admin user, and other users. |
Customer Security Admin |
A customer security admin user who can create customer users and assign application roles. |
Enterprise Group |
An enterprise group is a collection of users and groups. Enterprise groups are defined in security store and are known to java EE server container. |
Store Manager |
A user who performs store manager role. |
Store User |
A user who performs store operations with assigned role permissions. |
User |
A user is an end-user accessing a service or application. |
Users in SIOCS are divided into the following types based on their job duties.
Table 3-2 User Types and Responsibilities
User Type | Responsibilities |
---|---|
Application Implementer |
Data Seeding Configuration Operation Issues |
Customer Cloud Administrator Security Admin |
Create Additional App Users |
Application Administrator |
Configure System Configure Store |
Store Manager |
Store Management |
Store User |
Store Operations |
Retail Home User |
A user who can access EICS tile reports on Retail Home and navigate to related operational views in EICS from there. |
In addition to application users, integration users need to be setup based on integrated applications.
Users of SIOCS have roles through which they gain access to functions and data.
Security implementation involves the management of:
Assign security groups to corporate operational users
Assign application roles to store users
Before the Retailer's initial customer cloud admin user can access the Oracle Retail Store Inventory Operations Cloud Service (SIOCS) applications, it is necessary to provision the user access to the system and assign Oracle Identity Cloud Service (IDCS) or Oracle Cloud Infrastructure Identity and Access Management (OCI IAM) application roles listed below.
all_users
admin_users
batch_users
full_permission_users
global_store_users
mps_users
psraf_users
security_users
The initial customer admin user can create or manage other user provisioning via IDCS or OCI IAM.
Users also need to be assigned application roles via SIOCS Security Admin Role permission console. For details on how to use the SIOCS administration screens, see the Oracle Retail Enterprise Inventory Cloud Service Security Guide and the Oracle Retail Enterprise Inventory Cloud Service User Guide Security chapter.
Implementation users perform the key setup tasks to start your implementation. As part of initial setup, add an implementation user, and give them login credentials and the url for your Oracle Applications. The Cloud service administrator may setup additional users for performing implementation tasks. To create implementation users and the data roles for performing the tasks, the service administrator performs following tasks:
Create Implementation users and assign appropriate security IDCS or OCI IAM Application Roles in IDCS or OCI IAM
Assign SIOCS Application Roles in SIOCS Security Admin Console to implementation users, optionally you can create custom roles and data roles to assign to implementation users
Users also need to be assigned application roles via SIOCS Security Admin Role permission console. For details on how to use the SIOCS administration screens, see the Oracle Retail Enterprise Inventory Cloud Service Security Guide and the Oracle Retail Enterprise Inventory Cloud Service User Guide Security chapter.
The Customer security admin user will need to setup the additional application users and store users using IDCS or OCI IAM and assign EICS application permissions and stores to store users via SIOCS Security Users Screens.
Store assignments control the stores available for a user to login to. Users can be assigned access to specific stores through the SIOCS security admin UI.
Steps to setup users and permissions:
Custom Security Admin creates application users in Oracle Identity Cloud Service (IDCS) or Oracle Cloud Infrastructure Identity and Access Management (OCI IAM)
Assign IDCS or OCI IAM Application Roles which are applicable to application users based on their job duties
Define Custom Roles for non-Administrator role. You may assign the Default ADMINISTRATOR role to admin user.
Assign permissions to Role:
EICS defines two default application roles (ADMININISTRATOR and MANAGER), you may define custom roles to control user accesses based on job duties. There are 350+ roles permissions that decide how users access functionality. For details, see the Oracle Retail Enterprise Inventory Cloud Service Administration Guide - Configuration chapter.
Assign user to roles and stores:
Once stores are seeded into EICS, in SIOCS Security screen, customer security admin can assign users to stores, application roles. You may assign a single user to stores or use SIOCS UI Spreadsheet Data Loader to upload user role assignments.
See Oracle Retail Enterprise Inventory Cloud Service Security Guide - Application Security chapter, Mass Assigning Roles and Stores section and SIOCS UI Spreadsheet Data Loader.