Add or Remove a User Account from an Administrator Role

After you create or import user accounts in Oracle Identity Cloud Service, you can delegate administrative responsibilities for these accounts.

By default, all users can perform self-service capabilities in Oracle Identity Cloud Service, such as updating their profiles, resetting their passwords, and changing their email preferences. You may want to provide a user account with administrative capabilities. For example, you may want a user to manage applications in Oracle Identity Cloud Service. So, you would assign the user account to the application administrator role.

A user account can be assigned to more than one administrator role. The user account inherits the privileges for each administrator role assigned to the account. If a user account is assigned to both the application administrator role and the user administrator role, then the user can manage applications, users, groups, and group memberships in Oracle Identity Cloud Service.

  1. In the Identity Cloud Service console, expand the Navigation Drawer, click Security, and then click Administrators.
  2. Expand the node for the administrator role for which you want to add or remove a user account, and then perform one of the following:
    • To add a user account to an administrator role, click Add, select the check box for each user account that you want to add, and then click OK.

      If you're adding users to the user manager role, then after selecting the check box for each user that you're adding to this role, you must also select one of the following options:
      • Manage all users: These users can manage all users in the Oracle Identity Cloud Service identity domain.
      • Manage selected groups of users: These users can manage only those users who belong to the groups that you select. After selecting this option, enter or select the groups to be managed by these users.

      After making this selection, click OK. If you want to modify either the users who are assigned to the user manager role or the groups that these users can manage, then click the Action menu The Action menu., and select Edit from the drop-down menu that appears.

    • To remove a user account from an administrator role, select the user account that you want to remove, click Remove, and then in the Confirmation window, click OK.