Create Users and Assign Them to Predefined Roles

You use this EPM Automate command sequence to create users and assign them to predefined roles in the identity domain.

  • Sign in to the environment as a Service Administrator.

  • Export Groups and Membership information from the environment to This discussion assumes that you have previously exported Groups and Membership artifacts using Migration to create

  • Download the snapshot ( to a local directory.

  • Delete the snapshot ( from the environment.

  • Sign out of the environment.

  • Extract the contents of

  • Append information about new users to HSS-Shared Services\resource\External Directory\Users.csv in First Name,Last Name,Email,User Login format.

    For detailed information, see Importing a Batch of User Accounts in Getting Started with Oracle Cloud.

  • Append information about role assignments of new users (in First Name,Last Name,Email,User Login format) to appropriate roles file(s).

    User assignment for each predefined role should be specified in a separate file available in HSS-Shared Services\resource\External Directory\Roles. For example, assignment to Service Administrator role should be appended to <service_name> Service Administrator.csv while assignments to Viewer roe should be appended to HSS-Shared Services\resource\External Directory\Roles\<service_name> Viewer.csv.

    For detailed information, see Assigning One Role to Many Users in Getting Started with Oracle Cloud.

  • re-create by zipping the HSS-Shared Services directory and its contents.

  • Sign into the environment as a Service Administrator who also has Identity Domain Administrator role.

  • Upload the modified to the environment.

  • Import into the environment.

  • Delete the uploaded from the environment.

  • Sign out.


You can automate this scenario by writing a custom script that completes these tasks:

  • Unzip
  • Append user information to Users.csv
  • Append role assignments to files
  • Zip HSS-Shared Services and its contents to re-create
epmautomate login serviceAdmin C:\mySecuredir\password.epw 
epmautomate exportsnapshot example_snapshot
epmautomate downloadfile ""
epmautomate deletefile ""
epmautomate logout

/* Add custom code to extract the contents of

/* Add custom code to append new user information to HSS-Shared Services\resource\External Directory\Users.csv 
/* Optional: Add custom code to append role information to the appropriate role file(s) in HSS-Shared Services\resource\External Directory\Roles\
/* Add custom code to zip HSS-Shared Services and its contents as */

epmautomate login serviceAdmin C:/mySecuredir/password.epw
epmautomate uploadfile ""
epmautomate importsnapshot example_snapshot userPassword=Password1 resetPassword=true
epmautomate deletefile
epmautomate logout


The value that you specify for userPassword (Password1 in the preceding command) will be set as the initial password of new users. Set the value of resetPassword as true to force new users to reset password on first login. See importSnapshot for details.