Role Assignment Is not Immediately Reflected

Sometimes, a role assignment may not take immediate effect in an environment. For example, a user who was assigned a predefined role through My Services may get the Not Allowed error while accessing the environment.

Changes to predefined role assignments performed using My Services are reflected in Access Control after any user logs into the environment using a browser or Oracle Smart View for Office at least four minutes after the role assignment was performed. For example, if the role assignment was completed at 09:20, the role assignment will be reflected if any user logs in to the environment using a browser or Smart View at or after 09:24.

Newest changes are reflected in Access Control immediately if the following events occur:

• If the users and predefined role assignment were imported using the importSnapshot or the cloneEnvironment EPM Automate commands or Oracle Enterprise Performance Management Cloud REST APIs
• For OCI (Gen 2) only: If the Role Assignment Audit Report is generated using EPM Automate, REST API, or Access Control

The Role Assignment Audit report contains up-to-date information. See these information sources:

• Accessing Audit and User Reports in Identity Cloud Service (for OCI (Gen2 only) in Getting Started with Oracle Enterprise Performance Management Cloud for Administrators
• roleAssignmentAuditReport in Working with EPM Automate for Oracle Enterprise Performance Management Cloud