Workflow for Access Without an Identity Domain
To give people access to Oracle Integration when your tenancy does not use identity domains, complete a few tasks. Tasks include creating users, assigning them to groups, and assigning roles to groups.
This topic applies only to tenancies that do not use identity
domains. See Differences
Between Tenancies With and Without Identity
Domains.
| Order | Task | More Information |
|---|---|---|
|
1 |
Create groups |
Groups save you time when setting up access. You add several or many users to a group and then give the same access to everyone in the group. That way, you don't need to assign roles and policies to everyone individually. For example, create a group for developers, another for administrators, and so on. Everyone in the group gets the same access. You create each group in two places: Oracle Identity Cloud Service and Oracle Cloud Infrastructure Identity and Access Management. The groups must have different names. Later, you'll associate the groups by mapping them together. See Create an IDCS Group and Create an IAM Group. |
|
2 |
Create policies |
Policies allow people to work with instances in specific tenancies and compartments. For example, if your company has multiple tenancies, policies let you specify the tenancies that each group can work in. You include the group name in each policy, so you don't need to assign the policies to groups separately after creating them. To learn about IAM policies in general, see How Policies Work and Example Scenario. To learn about IAM policies for Oracle Integration, see About IAM Policies for Oracle Integration. To create IAM policies, see Create an IAM Policy. Note: Your organization might have multiple instances of Oracle Integration. For example, you might have a development instance, as well as testing and production instances. The IAM policies that you write govern only a single instance. |
|
3 |
Map the groups |
You created groups in Oracle Identity Cloud Service and Oracle Cloud Infrastructure Identity and Access Management. Now, you must associate them by mapping them together. |
|
4 |
Create users |
Create Oracle Integration users in Oracle Identity Cloud Service Create one user for each person who needs access to Oracle Integration. You assign users to one or more groups when you create the users. See Create IDCS Users. Create superuser administrators in Oracle Cloud Infrastructure Identity and Access Management Create administrators who require superuser access in Oracle Cloud Infrastructure Identity and Access Management. Users created in Oracle Cloud Infrastructure Identity and Access Management don't have access Oracle Integration. To give users access to Oracle Integration, you must create them in Oracle Identity Cloud Service and associate them with an application role. See Create IAM Users. |
|
5 |
Assign roles to groups |
You can't create your own roles. Instead, choose from a predefined list of roles. To learn about the service roles that an administrator can assign to groups of users, see Oracle Integration Service Roles. To understand the actions that users can perform in each area of the user interface based upon their roles, see Oracle Integration Roles and Privileges. To assign service roles to users, see Assign Oracle Integration Roles to Groups. |
|
6 |
Decide whether to create additional stripes |
Every tenancy comes with a stripe. A stripe is a container for access-related information. You can work exclusively in the primary stripe or create one or more secondary stripes. You create additional stripes for various business reasons, such as when you want to maintain isolation among users, policies, and roles for compliance reasons. To create one or more secondary stripes, complete the tasks in Configure Multiple Identity Stripes for Oracle Integration 3. |
|
7 |
Tell everyone they can start working |
After you've set up your users, roles, and policies, inform everyone that they can start working in Oracle Integration. |