Manage Roles in Custom OAuth Client Applications Using Application Extensions Page

You can manage user assignments and role assignments for platform applications and custom applications respectively from the Security Console.

In environments provisioned with an Oracle Cloud Infrastructure (OCI) Identity and Access Management (IAM) identity domain, the Security Console displays the Application Extensions page. On this page, you can view all the available Platform Applications and Custom OAuth Client Applications.

• Platform Applications are provisioned by default in an OCI IAM identity domain environment. The roles assigned to these applications are the ones created in Oracle Fusion Cloud Applications. You can add or remove users to roles that are associated with a platform application.
• Custom OAuth Client Applications are those that the users create in an OCI IAM identity domain. The roles assigned to these applications have permission groups enabled. You can add or remove roles to a custom application.

Add User to Role Associated with Platform Application

1. On the Application Extensions page, in the Platform Applications section, click an application.
2. Click Roles (These roles are application-specific service roles available in the OCI IAM identity domain).
3. From the roles that are listed, click a role to which you want to add users to.
4. Click Add to search for and add users to the role.
5. Click Done.

Add Role to Custom OAuth Client Application

1. On the Application Extensions page, in the Custom OAuth Client Applications section, click an application.
2. Click Roles (These roles are permission groups enabled roles).
3. On the Roles page, click Add to search for and add roles to the application.
4. Click Done.