1. Oracle Global Human Resources Cloud REST APIREST API for Oracle Fusion Cloud HCM
  2. Use Cases
  3. Common
  4. Manage User Account Roles

Manage User Account Roles

When managing user accounts for the workers in your organization, you also need to manage the roles assigned to the user accounts based on the level of access required for the workers. You can use the userAccounts API to manage role assignments for user accounts and perform actions such as viewing the roles, assigning new roles, and revoking existing roles.

Let's discuss these scenarios:

  • View all the roles assigned to a user account
  • Assign a new role to a user account
  • Revoke an assigned role

View All Assigned Roles

Let's sat that Jason is an administrator who manages user accounts for the workers in his organization. He wants to view all the roles that are currently assigned to a specified user account.

To view all the assigned roles:

  1. Query the user account by using query parameter such as person number and obtain the GUID of the user account.
  2. Perform a GET operation on the userAccountRoles child resource by using the GUID.
  3. Verify the details returned in the response.

Example URL

Use this resource URL format.

GET
/hcmRestApi/resources/11.13.18.05/userAccounts/8091FA12603D206DE050F50AE3921F70/child/userAccountRoles

Example Response

Here's an example of the response body in JSON format.

{
    "items": [
        {
            "UserRoleId": 300100176944754,
            "RoleId": 5046,
            "RoleCode": "ORA_PER_EMPLOYEE_ABSTRACT",
            "CreatedBy": "useraccountsuper",
            "CreationDate": "2019-02-14T21:01:35.185+00:00",
            "LastUpdatedBy": "useraccountsuper",
            "LastUpdateDate": "2019-02-14T21:01:35.311+00:00",
            "links": [
               {
                 ...}
         ]
      }

Assign a New Role

Let's say that Jason wants to assign a new role to an existing user account.

To assign a a new role:

  1. Query the user account by using a query parameter such as person number and obtain the GUID of the user account.
  2. Obtain the role identifier by performing a GET operation on the userRolesLOV resource.
  3. Set the Content-Type to application/vnd.oracle.adf.resourceitem+json.
  4. Perform a POST operation on the userAccountRoles child resource by using the GUID.
  5. Verify the details returned in the response.

Example URL

Use this resource URL format.

POST
/hcmRestApi/resources/11.13.18.05/userAccounts/8091FA12603D206DE050F50AE3921F70/child/userAccountRoles

Example Request

Here's an example of the request body in JSON format.

{
  "RoleId": "5071"
}

Example Response

Here's an example of the response body in JSON format.

{
    "UserRoleId": 300100176944799,
    "RoleId": 5071,
    "RoleCode": "ORA_PER_LINE_MANAGER_ABSTRACT",
    "CreatedBy": "useraccountsuper",
    "CreationDate": "2019-02-14T21:01:35.185+00:00",
    "LastUpdatedBy": "useraccountsuper",
    "LastUpdateDate": "2019-02-14T21:01:35.311+00:00",
    "links": [
       {
           ..}
     ]
 }

Revoke an Assigned Role

Jason now wants to revoke a role that's currently assigned to this user account.

To revoke an assigned role:

  1. Query the user account by using a query parameter such as person number and obtain the GUID of the user account.
  2. Perform a GET operation on the userAccountRoles child resource by using the GUID, and obtain the role identifier of the currently assigned role.
  3. Set the Content-Type to application/vnd.oracle.adf.resourceitem+json.
  4. Perform a DELETE operation on the userAccountRoles child resource using the role identifier.
  5. Verify the status in the response.

Example URL

Use this resource URL format.

DELETE
/hcmRestApi/resources/11.13.18.05/userAccounts/8091FA12603D206DE050F50AE3921F70/child/userAccountRoles/300100176944799

Example Response

Here's an example of the response body in JSON format.

Status: 204 - No content