How Do I Assign the Roles?

If VB Studio IDCS role synchronization hasn't been disabled for your Oracle Cloud Applications environment, you can follow the instructions in Assign Oracle Cloud Application Roles, wait a half hour while the roles are synchronized with the IDCS system, and then your users should be able to use VB Studio without any further involvement on your part.

If role synchronization has been disabled, role assignment is a two-step process:

1. Create an Oracle Cloud Applications user, then assign a role to that user using the Oracle Cloud Applications Identity manager. See Assign Oracle Cloud Application Roles.
2. In IDCS, manually assign a VB Studio role (DEVELOPER_ADMIN or DEVELOPER_USER) to the Oracle Cloud Applications user. See Assign VB Studio Roles in Oracle Identity Cloud Service (IDCS).

Assign Oracle Cloud Application Roles

Before beginning the process, review some background information:

• Standard roles (listed in step 7 below) are predefined. Their permissions are automatically updated as necessary, such as when new features or services are added.
• Custom roles are created as substitutes for standard roles, allowing only specific privileges. These privileges are assigned in the Oracle Cloud Applications security console.
  A custom role can be one of the following:

  • If role synchronization is enabled, one of the Oracle Cloud Applications abstract roles (ORA_SYNC_ENABLED_ADMINISTRATOR_ABSTRACT or ORA_SYNC_ENABLED_DEVELOPER_ABSTRACT) will need to be assigned in the Oracle Cloud Applications security console along with the FND_ADMINISTER_SANDBOX_PRIV and FND_MANAGE_SANDBOX_PRIV privileges.
  • If role sync is disabled, one of the VB Studio IDCS roles (DEVELOPER_ADMINISTRATOR or DEVELOPER_USER) will need to be assigned instead of the Oracle Cloud Applications abstract roles. The VB Studio IDCS roles are assigned in the IDCS console.

    The custom roles are assigned to VB Studio IDCS roles in the same manner as standard roles, with administrative roles mapping to the VB Studio administrator role in IDCS and non-administrative roles being assigned the VB Studio developer role in IDCS.

To assign an Oracle Cloud Applications role to a new or existing Oracle Cloud Applications user:

1. Sign in to the Applications Console.
   Make sure that you specify the identity domain where you want to create the user.
2. Click Navigation menu to open the navigation menu and, under Tools, click Security Console.
   
   

   
   Description of the illustration fa-tools-security-console.png

   
   
3. Click Users in the navigation pane.
   The User Accounts page is displayed.
   

   
   Description of the illustration fa-user-accounts-page.png

   
   
4. To create a new user, click Add User Account and follow the prompts. To assign a role to an existing user, use the Search field to find the user you want, then skip to step 6.
   The Add User Account page is displayed.
5. Fill out the User Information fields (First Name, Last Name, Email, Password, Confirm Password).
   
   

   
   Description of the illustration fa-add-user-account-page-filled.png

   
   

   The User Name field has been filled in for you, using the first and last names you entered separated by a period.

6. Click Add Role.
   The Add Role Membership from Role page is displayed.
7. Select one of the standard Oracle Cloud Applications roles:
   • Application Administrator (ORA_FND_APPLICATION_ADMINISTRATOR_JOB)
   • Sales Administrator (ORA_ZBS_SALES_ADMINISTRATOR_JOB)
   • Customer Relationship Management Application Administrator (ORA_ZCA_CUSTOMER_RELATIONSHIP_MANAGEMENT_APPLICATION_ADMINISTRATOR_JOB)
   • Synchronization Enabled Administrator Identity (ORA_SYNC_ENABLED_ADMINISTRATOR_ABSTRACT)
   • Application Developer (ORA_FND_APPLICATION_DEVELOPER_JOB)
   • Synchronization Enabled Developer Identity (ORA_SYNC_ENABLED_DEVELOPER_ABSTRACT)

   Note:

   The ORA_SYNC_ENABLED_ADMINISTRATOR_ABSTRACT and ORA_SYNC_ENABLED_DEVELOPER_ABSTRACT roles grant access to VB Studio, but do not offer any additional privileges for Oracle Cloud Applications.

   If you created a custom role, you can select it instead of a standard role.

8. After you select the role to assign to the user, click Add Role Membership.
   
   

   
   Description of the illustration fa-add-role-membership-done.png

   
   
9. Click Done.
   The Add User Account page is displayed, showing the new user with an assigned role.
   

   
   Description of the illustration fa-add-user-account-role-all-filled.png

   
   
10. Click Save and Close.

From the time role membership was granted via the security console, it will take approximately 30 minutes for a user to gain access. If, after 30 minutes, a user is still seeing a warning message indicating that they are not a member of the organization, it is very likely that IDCS role sync has been disabled on your environment, and you need to follow the instructions in Assign VB Studio Roles in Oracle Identity Cloud Service (IDCS) to assign one of the VB Studio roles in IDCS to the Oracle Cloud Application user.

Assign VB Studio Roles in Oracle Identity Cloud Service (IDCS)

If you just created a new user in Oracle Cloud Applications, it will take at least 30 minutes for the user profile to show up in IDCS so that you can assign a VB Studio user role to it.

IDCS has two different interfaces (upgraded and Classic), so choose the process that's applicable to you.

Assign Roles with the Upgraded IDCS Interface

Assign VB Studio access to users in the IDCS stripe associated to the Oracle Cloud Application instance:

1. Sign in to your Identity domain using your credentials and the URL you received.

   Note:

   If you don't have access to the URL, see How Do I Access the IDCS Console From the Oracle Cloud Console?

   If your Identity Cloud Service instance has been upgraded to an identity domain on Oracle Cloud Infrastructure (OCI), you'll see this page:
   
   Description of the illustration oci-upgrade-screen.png
   

2. Click the Take me there button.
   The domain's Overview page is displayed.
   

   
   Description of the illustration oci-domain-overview-screen.png

   
   

   Tip:

   If you click the Don't show me this again check box, the page with the upgrade notice will be bypassed and you'll see the domain's Overview page after you log in.

   If you see a page that looks quite different, your IDCS hasn't been upgraded and you're using the Classic interface. See Assign Roles with the Classic IDCS Interface.

3. Select Visual Builder Studio from the Oracle Cloud Services list under the Identity domain.
4. In the Resources list, click Application roles.

   All member roles, in this case DEVELOPER_ADMINISTRATOR and DEVELOPER_USER, that can be assigned for the VB Studio service are displayed.
   
   Description of the illustration oci-application-roles-list-screen.png
   

5. Click the down arrow on the right side of the role's row to display the list of resources you can manage:

   
   
   Description of the illustration oci-application-roles-manage-users-screen.png
   

6. Click Manage next to Assign Users.

   The Manage user assignments dialog is displayed.
   
   Description of the illustration oci-manage-user-assignments-screen.png
   

7. Click + Show available users, then use Search to locate the user name you are searching for.

   
   
   Description of the illustration oci-manage-user-assignments-locate-user-screen.png
   

8. After you locate the user, click the Assign checkbox on the left side of the user's row, then click the Assign button.

   The Assigned users section of the panel shows the new user you assigned.
   
   Description of the illustration oci-manage-user-assignments-adding-user-screen.png
   

9. Click the Close button.
10. Repeat steps 7-10 to assign additional users.

Assign Roles with the Classic IDCS Interface

To assign VB Studio access to Oracle Cloud Applications users in the Classic stripe:

1. Sign in to your Identity domain using your credentials and the URL you received in the Welcome email.

   The Identity Cloud Service Welcome page is displayed.
   
   Description of the illustration idcs-welcome-screen-classic.png
   

2. Click the Navigation menu.

   The Navigation drawer is displayed.

3. Click Oracle Cloud Services to display the list of service instances that are available in your identity domain.
4. Scroll to find the service (or use the Search bar to find it), then click the box on the left side of the row to select it:

   
   
   Description of the illustration idcs-service-instances-screen-classic.png
   

   The App Details page is displayed.
   
   Description of the illustration idcs-app-details-screen-classic.png
   

5. Select the Application roles tab, click the Menu icon on the right and select Assign Users.

   
   
   

6. In the Assign Users page, use Search to locate the user that you want to assign the VB Studio IDCS role to, then click the check box on the left side of the row to select the user.

   
   
   Description of the illustration idcs-assign-users-screen-classic.png
   

7. Click OK.

   The Application Roles tab should now show an additional user (the one you just assigned the role to).
   
   Description of the illustration idcs-assign-users-screen-new-user-classic.png
   

8. To verify that the user was assigned correctly, click the # Users Assigned link.

   The Users Assignments page is displayed, listing all the users who've been assigned the VB Studio IDCS role.