About Managing Users, Groups, Application Roles, and Data Access

As the service administrator or security administrator, one of your initial tasks is to ensure that users have appropriate access to use Oracle Fusion Data Intelligence.

Users need access to objects and data. Access to objects include subject areas or elements of subject areas such as folders and attributes, key metrics, workbooks, and the legacy Oracle BI Enterprise Edition dashboards and answers. You grant access to the users by assigning groups to them. The groups inherit the permissions from the application roles (data and duty) mapped to them. You can merge your security setup only with the main semantic model.

Enhanced Security Capabilities

The enhanced security capabilities available from release Platform 23.R4 enable you to:
  • Create and manage users and groups only in the Oracle Identity Cloud Service associated with your Oracle Fusion Data Intelligence instance. As a security administrator, you can perform user-group management if you've the User Administrator role in Oracle Identity Cloud Service. See Managing Oracle Identity Cloud Service Users and Groups in the Oracle Cloud Infrastructure Console. In Oracle Fusion Data Intelligence, you can view the users and groups on the Security page but you can't create, modify, or delete them.
  • Use the licensed application roles corresponding to the existing licensed groups made available in this release onwards. You can assign the licensed application roles to your custom groups. These licensed application roles are mapped by default to the existing prebuilt licensed groups and are associated with the system roles. When you assign these prebuilt licensed groups and custom groups to users, then the applicable users get the system privileges such as consumer, author, and administrator.

If your Oracle Fusion Data Intelligence is on a release prior to release Platform 23.R4 or you haven’t yet up taken this security update, then you can continue to use the existing security capabilities until Oracle Fusion Data Intelligence automatically applies them as part of the release Platform 24.R2. Consult the information in Manage Users, Groups, Application Roles, and Data Access from a release prior to release Platform 23.R4.

These changes are mandatory and you can schedule the update sooner to enhance the security of your application using the Schedule Update option in the banner announcing these enhancements on the Security page. Ensure that you don't schedule the security update beyond May 2024. All current setups will be retained and available in Oracle Identity Cloud Service; you don't need to take any action other than scheduling.