Overview of Setting Up Users and Security
Since you followed the Implementing Sales guide steps to set up your initial set of users, then you already know that Oracle applications use a role-based access control security model to secure access to functionality and data.
In a role-based access control security model, users are assigned roles, and roles are assigned access privileges to protected system resources.
Sales and Service users who access the transactional UI, for example sales representatives or service representatives working in leads or service requests, are created as resources and are known as resources.
Default Preferences
To set up default preferences for users and roles, access the Security Console as a setup user or other user with the IT Security Manager job role. Only setup users, or other users with the IT Security Manager job role, can access the Security Console. See the Securing Fusion Sales and Service guide for more information.
User Identity Store
The Lightweight Directory Access Protocol (LDAP) identity store is a repository of user identity data. Your LDAP directory stores definitions of LDAP user accounts. In general, changes you make to user accounts are automatically synchronized between the sales application and your LDAP directory server. However, you must also run processes on a daily basis to manage the information exchange between your application and the LDAP directory server. For information, see the chapter about setting up application security in the Securing Fusion Sales and Service guide.
Setup Tasks in the UI and Other Setup Options
As a setup user, you use multiple different tasks in Setup and Maintenance to create and maintain users. You also have additional setup options to consider. The following table describes these tasks and setup options.
Setup Task or Option and Navigation |
Description |
---|---|
Manage Job Roles Task Navigation: Setup and Maintenance > Sales Offering > Users and Security functional area |
Oracle provides many predefined job roles. The relevant sales roles are listed in the Implementing Sales guide. You perform the Manage Job Roles task to:
This task opens the Roles tab of the Security Console. |
Manage Duties Task Manage Sales and Service Access Management Task Navigation: Setup and Maintenance > Sales Offering > Users and Security functional area |
You perform the Manage Duties task to:
This task opens the Roles tab of the Security Console. |
Manage Data Security Policies Task Manage Sales and Service Access Task Navigation: Setup and Maintenance > Sales Offering > Users and Security functional area |
You use the Manage Data Security Policies task to manage the data security policies that determine grants of entitlement to a user or role on an object or attribute group. This task opens the Roles tab of the Security Console. You can also use the Manage Sales and Service Access task to review and configure data security. This task opens the Sales and Service Access Management work area. For information, see the Securing Fusion Sales and Service guide. |
Manage Users Task Navigation: Navigator > Users and Roles item or Setup and Maintenance > Sales Offering > Users and Security functional area |
You create application users in the UI using the Manage Users task. A user with the IT Security Manager job role performs the Manage Users tasks. Note: You can also create sales users by importing users. For information on
the user import options available, see the Understanding Import and Export
Management for Fusion Sales and Service and Implementing Sales
guides.
|
Manage HCM Role Provisioning Rules Task Navigation: Setup and Maintenance Sales Offering > Users and Security functional area |
Oracle provides predefined role mapping rules for provisioning many of the standard job roles included with the application. However, using the Manage HCM Role Provisioning Rules task, you can create any additional role mappings you need to, to control the provisioning of roles to application users. For example, you can create a role mapping to provision the Channel Sales Manager role automatically to specific sales managers. |
Import and Export Management |
You can import users in bulk using data files. For information on the user import options available, see the Understanding Import and Export Management for Fusion Sales and Service and Implementing Sales guides. |
Import Partner Users Task |
You can also import partner contact data using the Import Partner Users task. For more information, see the Getting Started with Your Partner Relationship Management Implementation guide. |
Single Sign-On Authentication |
Single sign-on authentication is optionally available for user authentication. If your enterprise has moved from a traditional on-premises environment to an Oracle Cloud implementation, you might want to use your existing identity management solution for authenticating your employees, and you might also want to provide a single sign-on experience. Implementing federated single sign-on lets you provide users with single sign-on access to applications and systems located across organizational boundaries. For additional information, see Oracle Applications Cloud Service Entitlements (Doc ID 2004494.1) on My Oracle Support at https://support.oracle.com. |
Resetting User Passwords |
Setup users provisioned with the IT Security Manager job role can use the Users tab in the Security Console work area to reset passwords for all application users. Users who can't access the Security Console can reset only their own passwords using the Set Preferences link in the Settings and Actions menu available by clicking their user name in the application or by using the Forgot Password link on the sign-in page. See the Implementing Sales guide for more information. |
Updating Email Addresses |
Use the Users tab in the Security Console work area to change user email addresses. You can use the procedure described in this topic to update addresses of both setup users and sales users. If you're updating the email addresses of sales users, then you can also use the same import process you use to create them. See the Implementing Sales guide for more information. |