Typical Workflow to Manage Users, Groups, Application Roles, and Data Access
Follow these tasks as a guide to manage users, groups, application roles, and data access.
Task | Description | More Information |
---|---|---|
Create users for Oracle Fusion Data Intelligence in Oracle Identity Cloud Service | Users for Oracle Fusion Data Intelligence must exist in the Oracle Identity Cloud Service instance associated with your Oracle Fusion Data Intelligence instance. You create users in the Oracle Identity Cloud Service instance in several ways. | See Create Users |
License the users to access Oracle Fusion Data Intelligence | An Oracle Fusion Data Intelligence user is an Oracle Fusion Data Intelligence licensed user. You license a user in Oracle Fusion Data Intelligence when you assign one of the Oracle Fusion Data Intelligence system groups to them. You must assign at least one system group to a user to enable them to perform relevant tasks in Oracle Fusion Data Intelligence. | See License the Users to Access Oracle Fusion Data Intelligence |
Create groups | As a security administrator, you can perform user-group management if you've the User Administrator role in Oracle Identity Cloud Service. You can create custom groups to meet your business requirements. | See Managing Oracle Identity Cloud Service Users and Groups in the Oracle Cloud Infrastructure Console |
Create application roles | Application roles consist of data and duty roles. As a security administrator, you can create custom duty and data roles using the Security pages to secure subject areas and data respectively. However, as a modeler, you configure these custom application roles using the Security Configuration section of the Semantic Model Extensions pages. | See Create an Application Role |
Associate groups and application roles | You must map the predefined and custom job-specific groups to the application roles (duty and data roles) to inherit the privileges and permissions to access the objects and data in Oracle Fusion Data Intelligence. | See Add Application Roles to a Group and Assign Groups to Application Roles |
Associate users and groups |
You must associate users and groups as the groups assigned to the users provide them the access to Oracle Fusion Data Intelligence. As a security administrator, you can perform user-group management if you've the User Administrator role in Oracle Identity Cloud Service. |
See Managing Oracle Identity Cloud Service Users and Groups in the Oracle Cloud Infrastructure Console. |
Add security assignments to a user | Access to data is granted at user level. Within a security context, users get assigned security assignments to filter their data access level. You can grant security assignments to the users for the predefined security contexts currently. For custom data access, the data filters are implicit through the custom data security framework. See Custom Security in Fusion Data Intelligence. | See Add Security Assignments to a User and Manage Users for a Data Security Assignment |