1. Implementing Knowledge Management with the Redwood User Experience
  2. Knowledge Users and Roles

Knowledge Users and Roles

You may already be familiar with Oracle Cloud Applications user roles to define users' capabilities. In this model, users have one or more roles, and those roles grant access privileges to protected resources.

Each role contains functional and data security policies that define the privileges that they grant. In order for a role to grant a particular privilege, it must contain policies that specify both the functions (tasks) and the data (objects) that the privilege grants access to. Roles can grant multiple privileges, and users can have more than one role.

  • Functional security policies govern the tasks that users can perform. Important tasks for authors and knowledge managers include viewing, creating, publishing, and deleting articles. For access users, the ability to view knowledge articles is the most important task.

  • Data security policies govern the data, or objects that users can access, and importantly, perform tasks on. Important knowledge management data include the content types that you grant users access to, and knowledge user groups.

Knowledge management has user groups that you use to control who can see which articles and documents in your knowledge base. Users who are assigned to a user group can access the content in it. There are predefined user groups to help you segregate content that should only be viewed by users within your organization, and you can define and implement your own user groups to segment content for additional audiences.

User groups are associated to data security policies. You grant users access to your user groups by assigning them roles that contain the data security policies for those groups, whether pre-defined or specific to your organization.

You can find detailed information on how roles, privileges, and policies work together in the Sales Users and Role Provisioning chapter of Securing Sales and Fusion Service.

Knowledge Authoring Requirement

When you set up authoring users, you need to assign both functional security policies and data security policies. In addition, you need to make sure that the authors are assigned to an authoring locale. This list summarizes the user requirements for authors:

  • The Knowledge Authoring functional security policy, which provides access to knowledge authoring capabilities.

  • The Grant on Knowledge Departments data security policy, which provides access to knowledge base content in one or more applications (departments). Authors usually work in only one application, either Service or HCM.

  • One or more content type data security policies (for example, Grant on SVC Content Types), which provide access to the types of articles that the author needs to create. Content types are specific to applications (departments). Make sure that the content types and department security policies are consistent within a role.

  • One or more Authoring locales, which determine the locales that the user can create content in.

Related Topics