1. REST API for Oracle Fusion Cloud Financials
  2. Tasks
  3. Data Security for Users

Get all data assignments by user and role

get

/fscmRestApi/resources/11.13.18.05/dataSecurities

Request

Query Parameters
  • When this parameter is provided, the specified children are included in the resource payload (instead of just a link). The value of this query parameter is "all" or "". More than one child can be specified using comma as a separator. Example: ?expand=Employees,Localizations. Nested children can also be provided following the format "Child.NestedChild" (Example: ?expand=Employees.Managers). If a nested child is provided (Example: Employees.Managers), the missing children will be processed implicitly. For example, "?expand=Employees.Managers" is the same as "?expand=Employees,Employees.Managers" (which will expand Employees and Managers).
  • This parameter filters the resource fields. Only the specified fields are returned, which means that if no fields are specified, no fields are returned (useful to get only the links). If an indirect child resource is provided (Example: Employees.Managers), the missing children will be processed implicitly. For example, "?fields=Employees.Managers:Empname" is the same as "?fields=;Employees:;Employees.Managers:Empname" (which will only return the "Empname" field for Managers). the value of this query parameter is a list of resource fields. The attribute can be a direct (Example: Employees) or indirect (Example: Employees.Managers) child. It cannot be combined with expand query parameter. If both are provided, only fields will be considered.

    Format: ?fields=Attribute1,Attribute2

    Format for fields in child resource: ?fields=Accessor1:Attribute1,Attribute2
  • Used as a predefined finder to search the collection.

    Format: ?finder=<finderName>;<variableName>=<variableValue>,<variableName2>=<variableValue2>

    The following are the available finder names and corresponding finder variables:

    • ManageDataAccessRF: Finds all user role data assignments that match the specified user and role name.
      Finder Variables:
      • Rolerf; string; The name of the role for which the data security assignment is applicable.
      • Userrf; string; The user name that is a unique identifier of the user who allows account access.
    • PrimaryKey: Finds the account that matches the primary key criteria specified.
      Finder Variables:
      • UserRoleDataAssignmentId; integer; The unique assignment identifier of the user role data assignment resource.
  • This parameter restricts the number of resources returned inside the resource collection. If the limit exceeds the resource count then the framework will only return the available resources.
  • This parameter can be used to show only certain links while accessing a singular resource or a resource collection. The parameter value format is a comma-separated list of : <link_relation>

    Example:
    self,canonical
  • Used to define the starting position of the resource collection. If offset exceeds the resource count then no resources are returned. Default value is 0.
  • The resource item payload will be filtered in order to contain only data (no links section, for example).
  • This parameter orders a resource collection based on the specified fields. The parameter value is a comma-separated string of attribute names, each optionally followed by a colon and "asc" or "desc". Specify "asc" for ascending and "desc" for descending. The default value is "asc". For example, ?orderBy=field1:asc,field2:desc
  • This query parameter defines the where clause. The resource collection will be queried using the provided expressions. The value of this query parameter is one or more expressions. Example: ?q=Deptno>=10 and <= 30;Loc!=NY

    Format: ?q=expression1;expression2

    You can use these queryable attributes to filter this collection resource using the q query parameter:
    • ActiveFlag; boolean; Indicates whether the data security access is active. The default value is ACTIVE.
    • CreatedBy; string; The user who created the row.
    • CreationDate; string; The date and time when the row was created.
    • LastUpdateDate; string; The date and time when the row was last updated.
    • LastUpdateLogin; string; The session login of the user who last updated the row.
    • LastUpdatedBy; string; The user who last updated the row.
    • RoleCommonName; string; The technical name of role where the data security assignment applies to the user. The role must be assigned to the user separately.
    • RoleNameCr; string; The name of the role for which the data security assignment is applicable. You must separately assign the role to the user.
    • Rolerf; string; The name of the role for which the data security assignment is applicable. You must separately assign the role to the user.
    • SecurityContext; string; The category of data access that is required for the role. The category includes business unit, asset book, and inventory organization.
    • SecurityContextValue; string; The value of the security context associated with a role. For example, for a specific business unit, a financials job role is assigned the security context of that business unit. This value can be used as a criteria for assigning data access to a user name. This is the value for a single-part security context or the value for the first part of a multi-part context.
    • SecurityContextValue2; string; The value of the security context associated with a role. For example, for a specific business unit, a financials job role is assigned the security context of that business unit. This value can be used as a criteria for assigning data access to a user name. This is the value for the second part of a multi-part context.
    • SecurityContextValue3; string; The value of the security context associated with a role. For example, for a specific business unit, a financials job role is assigned the security context of that business unit. This value can be used as a criteria for assigning data access to a user name. This is the value for the third part of a multi-part context.
    • UserName; string; The unique identifier for a user defined in the application that allows account access.
    • UserRoleDataAssignmentId; integer; The numerical value that uniquely identifies a user data role.
    • Userrf; string; The user name that is a unique identifier of the user who allows account access. The user is defined in the application.
  • The resource collection representation will include the "estimated row count" when "?totalResults=true", otherwise the count is not included. The default value is "false".
Header Parameters
  • If the REST API supports runtime customizations, the shape of the service may change during runtime. The REST client may isolate itself from these changes or choose to interact with the latest version of the API by specifying this header. For example: Metadata-Context:sandbox="TrackEmployeeFeature".
  • The protocol version between a REST client and service. If the client does not specify this header in the request the server will pick a default version for the API.

There's no request body for this operation.

Back to Top

Response

Supported Media Types

Default Response

The following table describes the default response for this task.
Headers
  • If the REST API supports runtime customizations, the shape of the service may change during runtime. The REST client may isolate itself from these changes or choose to interact with the latest version of the API by specifying this header. For example: Metadata-Context:sandbox="TrackEmployeeFeature".
  • The protocol version between a REST client and service. If the client does not specify this header in the request the server will pick a default version for the API.
Body ()
Root Schema : dataSecurities
Type: object
Show Source
Nested Schema : Items
Type: array
Title: Items
The items in the collection.
Show Source
Nested Schema : dataSecurities-item-response
Type: object
Show Source
  • Title: Active
    Maximum Length: 1
    Default Value: true
    Indicates whether the data security access is active. The default value is ACTIVE.
  • Read Only: true
    Maximum Length: 64
    The user who created the row.
  • Read Only: true
    The date and time when the row was created.
  • Read Only: true
    The date and time when the row was last updated.
  • Read Only: true
    Maximum Length: 64
    The user who last updated the row.
  • Read Only: true
    Maximum Length: 32
    The session login of the user who last updated the row.
  • Links
  • Title: Role
    Maximum Length: 256
    The technical name of role where the data security assignment applies to the user. The role must be assigned to the user separately.
  • Title: Role Name
    The name of the role for which the data security assignment is applicable. You must separately assign the role to the user.
  • Title: Role Name
    Read Only: true
    Maximum Length: 240
    The name of the role for which the data security assignment is applicable. You must separately assign the role to the user.
  • Title: Security Context
    Maximum Length: 255
    The category of data access that is required for the role. The category includes business unit, asset book, and inventory organization.
  • Title: Security Context Value
    Maximum Length: 255
    The value of the security context associated with a role. For example, for a specific business unit, a financials job role is assigned the security context of that business unit. This value can be used as a criteria for assigning data access to a user name. This is the value for a single-part security context or the value for the first part of a multi-part context.
  • Maximum Length: 255
    The value of the security context associated with a role. For example, for a specific business unit, a financials job role is assigned the security context of that business unit. This value can be used as a criteria for assigning data access to a user name. This is the value for the second part of a multi-part context.
  • Maximum Length: 255
    The value of the security context associated with a role. For example, for a specific business unit, a financials job role is assigned the security context of that business unit. This value can be used as a criteria for assigning data access to a user name. This is the value for the third part of a multi-part context.
  • Title: User Name
    The unique identifier for a user defined in the application that allows account access.
  • Title: User Name
    Read Only: true
    Maximum Length: 100
    The user name that is a unique identifier of the user who allows account access. The user is defined in the application.
  • Title: User Role Data Assignment Identifier
    The numerical value that uniquely identifies a user data role.
Back to Top

Examples

The following example shows how to retrieve all the security contexts and respective values by submitting a GET request on the REST resource using cURL.

curl -i -u "<username>:<password>" -H "Content-Type: application/json" -X GET -d <payload> https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/dataSecurities

Example of Response Header

The following shows an example of the response header.

Status: HTTP/1.1 200 OK
Content-Type : application/vnd.oracle.adf.resourceitem+json
application/json

Example of Response Body

The following example shows the contents of the response body in JSON format:

{
    "items": [
        {
            "ActiveFlag": true,
            "UserRoleDataAssignmentId": 300100089613739,
            "Rolerf" : "Financial Analyst",
            "Userrf" : "FUSION_APPS_FSCM_ENT_MANAGER",
            "SecurityContext" : "Asset book",
            "SecurityContextValue" : "VISION LEASE CORPORATE BOOK",
            "UserName" : "FUSION_APPS_FSCM_ENT_MANAGER",
            "RoleNameCr" : "Financial Analyst",
            "links": [
                {
                    "rel": "self",
                    "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/datasecurities/300100089613739",
                    "name": "datasecurities",
                    "kind": "item"
                },
                {
                    "rel": "canonical",
                    "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/datasecurities/300100089613739",
                    "name": "datasecurities",
                    "kind": "item"
                },
                {
                    "rel": "lov",
                    "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/datasecurities/300100089613739/lov/RolePVA",
                    "name": "RolePVA",
                    "kind": "collection"
                },
                {
                    "rel": "lov",
                    "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/datasecurities/300100089613739/lov/UserNameLovVA",
                    "name": "UserNameLovVA",
                    "kind": "collection"
                }
            ]
        },
        .
        .
        . 
    "count": 2,
    "hasMore": false,
    "limit": 25,
    "offset": 0,
    "links": [
        {
            "rel": "self",
            "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/datasecurities",
            "name": "datasecurities",
            "kind": "collection"
        }
    ]
}
Back to Top