Troubleshooting Issues with Sign-On Policies
The default sign-on policy in Oracle Identity Cloud Service allows all users assigned to predefined roles to sign into Oracle Fusion Cloud Enterprise Performance Management environments by supplying their credentials (user name and password). Identity Domain Administrators may configure a custom sign-on policy to determine whether a user is allowed to access OCI (Gen2) Cloud EPM environments. For example, you may configure a policy that allows only users assigned to the Service Administrator role to access environments.
If all users assigned to specific predefined roles are not able to sign in, ensure that your custom sign-on policy allows all Cloud EPM users to sign in. For detailed information on configuring sign-on policy, see these topics in Administering Oracle Identity Cloud Service: