1. Administration Guide
  2. Manually Assigning Users to Groups in the Identity Cloud Service Console

Manually Assigning Users to Groups in the Identity Cloud Service Console

If you are not planning to enable the User Synchronization feature, you will need to manually create the Identity Cloud Service Groups before assigning them to Users. The Identity Cloud Service Groups must follow a particular naming convention, which is a combination of the Role and Environment Type with an underscore between them. The Environment Type will be one of: PRODUCTION, TEST, DEVELOPMENT, or LNM. The Role will be one of the following:
  • OTMBISERVPROV: This role should only be used to access the Servprov Main Dashboard. This role is only used for TI.
  • OTMBINoAccess: A user with a business intelligence role of No Access will not be able to access any dashboard.
  • OTMBILSPHost: This is the only role that can be used with the LSP Host dashboard. Also this role is incompatible with any of the other dashboards listed in the table below. This role is only used for TI.
  • OTMBILSPCustomer: This is the only role that can be used with the LSP Customer dashboard. Also this role is incompatible with any of the other dashboards listed in the table below. This role is only used for TI.
  • OTMBIAdministrator: his role mimics the OAS role of the same name. This role can be used for TI, GTI. This new role replaces the legacy TI BI role of PRESENTATION SERVER ADMINISTRATOR.
  • OTMBIContentConsumer: This role mimics the OAS role of the same name. This role can be used for TI, GTI. This new role replaces the legacy TI BI roles of EXECUTIVE and OPERATIONAL.
  • OTMBIContentAuthor: This role mimics the OAS role of the same name. This role can be used for TI, GTI. This new role replaces the legacy TI BI role of DEVELOPER.
  • OTMBIKPIManager: This the only role that can be used to edit target values of metrics from dashboard. This role must be assigned together with one of the other roles. For example, use the BIAuthor or BIConsumer role to give the user access view and/or edit the default dashboard while the KPIMANAGER role provides the ability to edit targets.
For example, to give a user the ability to run Reports in the Production environment, you would need to create a Group in Identity Cloud Service with the name “OTMBIContentConsumer_PRODUCTION" and assign it to the User. In order to create Groups and assign Users to those Groups, you will need to do the following:
  1. Sign in to the Oracle Cloud Console.
  2. Navigate to Identity & Security > Identity Domains on the menu.
  3. Select the Domain listed as the "Current Domain".
  4. Navigate to the User Management tab, and in the Groups section, click Create Group.
  5. Enter a Group Name as follows based on the Role and Environment Type:
    • For Production pod type, enter "OTMBIContentConsumer_PRODUCTION".
    • For Development pod type, enter "OTMBIContentConsumer_DEVELOPMENT".
    • For Test pod type, enter "OTMBIContentConsumer_TEST".
  6. Navigate to the User Management tab, and in the Users section, click Create User, or modify an existing user.
  7. Enter the details and add the group created earlier to the user and click Create.