2 Create and Manage Users
Access to Oracle IoT Asset Monitoring Cloud Service functionality is determined by pre-defined roles.
Note:
You can also use your Oracle Identity Cloud Service instance to manage users, and their assigned roles, for the registered Oracle IoT Asset Monitoring Cloud Service application.
You can access Oracle Identity Cloud Service from the My Services page of your cloud subscription.
Understand Roles and Users
Oracle IoT Asset Monitoring Cloud Service uses predefined roles for application users. Roles are a set of privileges assigned to a user.
Oracle IoT Intelligent Applications Cloud includes global and application-specific roles. Global roles apply across all your IoT applications, such as Asset Monitoring, Production Monitoring, Connected Worker, and Fleet Monitoring. Application specific roles are specific to a particular application, such as Asset Monitoring.
Oracle Identity Cloud Service provides a centralized identity store for your IoT roles and users. When you create a user in Asset Monitoring, the user is created and stored in the identity domain associated with your IoT application in Oracle Identity Cloud Service. You can grant one or more roles to a user.
Asset Monitoring uses the following roles:
-
Administrator (IoTAdministrator): The administrator is responsible for the overall administration of the application. The Administrator role is a global superuser role applicable across Oracle IoT Intelligent Applications Cloud applications.
The administrator sets up and maintains the application. The administrator:- Creates organizations.
- Creates and manages users.
-
Asset Manager (IoTAssetManager): The asset manager is responsible for life-cycle management and monitoring of asset instances. This includes defining asset types and their corresponding analytics artifacts, creating asset instances, and monitoring key metrics using dashboards. The asset manager has access to both the Design Center and Operations Center.
The asset manager, called operations manager in pre-22.1.1 releases, manages and ensures the day-to-day availability of assets. The asset manager:
- Defines groups.
- Defines asset types and related analytics artifacts.
- Creates asset instances.
- Accesses and manages dashboards.
- Accesses Digital Twin views, executes actions and what-if scenarios.
- Accesses and manages the asset inventory.
- Assigns assets to locations and jobs that require them.
Note:
Oracle Service Monitoring for Connected Assets uses the Service Asset Manager role in place of Asset Manager. -
Technician (IoTTechnician): The technician is responsible for the onboarding and management of entities. This includes creating entity instances and configuring device connections. The technician also performs troubleshooting, and has access to the entity inventory, Digital Twin views, and incident updates.
The Technician role is a global role applicable across Oracle IoT Intelligent Applications Cloud applications. The technician:
- Onboards/Removes entities.
- Creates/Deletes entity instances.
- Configures connectivity:
- Creates connectors.
- Downloads schemas.
- Creates interpreters.
- Troubleshoots issues.
- Resolves incidents:
- Views related rules.
- Accesses Digital Twin views:
- Executes actions, what-if scenarios
- Accesses entity inventories.
- Edits custom attributes.
- Onboards/Removes entities.
-
Viewer (IoTViewer):The Viewer has read-only access to IoT applications. The Viewer role is a global role applicable across Oracle IoT Intelligent Applications Cloud applications.
The Viewer role was called User in pre-22.1.1 releases. A viewer can access the following entities in Operations Center:
- Dashboards
- Digital Twins
- Notifications
A non-admin application user must have explicit Viewer role to be able to log into the management console (
/ui
).
Create a New User
To let a user access Oracle IoT Asset Monitoring Cloud Service, create a new user in the application . Next, assign the roles appropriate for the user’s assigned tasks.
Edit a User Account
Edit a user account to change the user’s roles, name, e-mail, or telephone information.