Assign Security Profiles to Job and Abstract Roles
To give users access to data you usually create HCM data roles, which inherit job roles. However, you can also assign security profiles directly to job and abstract roles.
You're most likely to assign security profiles to abstract roles, such as Employee, to provide the data access that all employees need. For example, all employees must have access to the worker directory. You're less likely to assign security profiles to job roles, as users with the same job role typically access different data instances.
This topic describes how to:
-
Assign security profiles directly to a job or abstract role.
-
Remove security profiles from a job or abstract role.
Assign Security Profiles to Roles
You can assign security profiles to both predefined and custom job and abstract roles. Follow these steps to assign security profiles to a role:
-
In the Setup and Maintenance work area, go to the following:
-
Functional Area: Users and Security
-
Task: Assign Security Profiles to Role
-
-
On the Manage Data Roles and Security Profiles page, search for the job or abstract role.
-
In the search results, select the role and click Edit.
-
On the Edit Data Role: Role Details page, click Next.
-
On the Edit Data Role: Security Criteria page, select the security profiles that you want to assign to the role.
-
Click Review.
-
On the Edit Data Role: Review page, click Submit.
On the Manage Data Roles and Security Profiles page, search for the role again. In the search results, confirm that the Assigned icon, a Check mark, appears in the Security Profiles Assigned column. The Assigned icon confirms that security profiles are assigned to the role.
Revoke Security Profiles from Roles
You can remove security profiles that you assigned directly to a predefined or custom abstract or job role. For example, you may have assigned security profiles directly to a job role and included the job role in a data role later. In this case, users may have access to more data than you intended. Follow these steps to remove security profiles from a role:
-
On the Manage Data Role and Security Profiles page, search for the job or abstract role.
-
In the search results, select the role and confirm that security profiles are currently assigned to the role.
-
Click Revoke Security Profiles. All security profiles currently assigned directly to the role are revoked.