Using IDCS Groups to Assign Predefined Roles to Users

You can use Identity groups to assign predefined roles to multiple users. Since Identity groups can be synced with identity provider (IdP) groups (such as Entra ID groups), you can even add individual users to IdP groups and assign the predefined roles to these groups in IAM Interface.

Note:

Renaming an Identity group is functionally equal to deleting it and creating a new one.

To assign groups to a predefined role:

1. Click Oracle Cloud Services under Identity Domain.

   A list of available environments is displayed.
   
   

2. Click the name of the environment for which you want to assign predefined roles to users.
3. Click Application Roles tab.
   
   
4. Click the ellipses next to the role you want to assign and select Manage groups.
   
   
   
   
5. On the Manage group assignments page, click Assign groups.
6. On the Assign groups page, select the groups you want to assign to the current predefined role.

   To search for a user, click the text box, enter all or part of the beginning of the user name, first name, or last name of the user, and then press Search.

7. Click Assign.
   
   

When you clone an environment with the option to clone users and predefined roles, the cloned users on the target environment will have the predefined roles assigned to them directly, even if they are assigned through IDCS groups. See Cloning EPM Cloud Environments in Administering Migration for Oracle Enterprise Performance Management Cloud.