Managing Supplemental Data Manager Teams

Teams are defined and provisioned with Owner, Assignee, and Approver roles. Then, rather than assigning named users these roles on a task, the role is assigned to the Team. Administrators and Power Users can add, edit, and delete teams.

Note:

An individual user can be assigned to a maximum of 1,000 teams, either directly or indirectly.

About Teams and Groups

Both teams and groups allow you to create collections of users. The difference is that groups also allow application roles to be assigned. For example, a Group of users could be created with the Reports - Manage application role and this allows all the users in the group to create reports. Because a user's role can be changed by groups, only Service Administrators can manage them. This leads to a more centralized management of groups. In addition, Oracle Identity Cloud Service (IDCS) groups can also be configured so that user membership can be synchronized with the customer's Identity Management tool of choice. For more information about Cloud EPM groups and IDCS Groups, see Managing Groups in Administering Access Control. Lastly, two features of Groups that aren't available for Teams are:

  • Groups are allowed to be included (nested) within another group
  • User assignment and unassignment to Groups is audited

Teams are simply a collection of users. Because they do not grant roles, Power Users (or any user granted permission by a Service Administrator) can administer them. This allows for a more distributed management of teams. For example, management of teams can be done by each client's organization leaders around the globe.

Therefore, you should use groups when you need to assign roles or have a centralized management of your users which can be integrated with your Identity Management if desired or or if you need the nesting or auditing features. You should use teams if you have a more decentralized management of your users and do not need to assign application roles.