This overview briefly describes applications and application roles.
Cloud-based Oracle applications: A complete and modular set of web-based enterprise applications, engineered to be cloud-ready and coexist seamlessly in mixed environments. You can use Oracle Cloud applications by accessing the UI on your local web browser or through your mobile communications device connected to the Internet.
Custom applications: Web applications that are written in a server-side language and can run on a server where the source code of the application isn't available to the public.
You can use Oracle Identity Cloud Service to grant users access to applications in two ways:
Directly: Assigning users to applications.
Indirectly: Assigning groups to applications. Users who are members of the groups are granted access to the applications.
In addition to granting users and groups access to Oracle applications, you can grant users and groups access to entitlements within applications. Each entitlement in an Oracle application is represented by an Application Role.
When a customer purchases or subscribes to any cloud services, the services are created in Oracle Identity Cloud Service as Applications. These services (Oracle Public Cloud Apps) have service consoles and the Application Roles control the authorization into these service consoles. Only PaaS services use Application Roles.