Using IDCS Groups to Assign Predefined Roles to Users

You can use Identity groups to assign predefined roles to multiple users. Since Identity groups can be synced with identity provider (IdP) groups (such as Entra ID groups), you can even add individual users to IdP groups and assign the predefined roles to these groups in IAM Interface.

Note:

Renaming an Identity group is functionally equal to deleting it and creating a new one.

To assign groups to a predefined role:

  1. Click Oracle Cloud Services under Identity Domain.

    A list of available environments is displayed.
    Select environment

  2. Click the name of the environment for which you want to assign predefined roles to users.
  3. Click Application Roles.

    All predefined roles (Application Roles on UI) are displayed.

  4. Select the menu next to the predefined role that you want to assign.
    Assign groups to predefined role
  5. Click Manage next to Assigned groups.
  6. Click Show available groups.
    Show available groups
  7. Select the groups you want to assign to the current predefined role, and then click Assign.

    To search for a user, click the text box, enter all or part of the beginning of the user name, first name, or last name of the user, and then press Enter.

  8. All members of this group will be assigned the predefined role. To confirm, click Manage next to Assigned users.

    The users assigned to the predefined role are listed.

When you clone an environment with the option to clone users and predefined roles, the cloned users on the target environment will have the predefined roles assigned to them directly, even if they are assigned through IDCS groups. See Cloning EPM Cloud Environments in Administering Migration for Oracle Enterprise Performance Management Cloud.