Create Users and Assign Roles in Microsoft Entra ID

7.3 Create Users and Assign Roles in Microsoft Entra ID

Create users in Microsoft Entra ID and assign them application roles. You can create as many users as your organization requires. The role assignments flow into each user's JWT roles claim and determine which data roles the Oracle AI Database activates in an end-user security context.

Create new users in your Microsoft Entra ID domain.
1. On the Microsoft Entra portal's Home page, click Users in the left navigation pane under Entra ID.
  The Users page opens.
2. Click New user, then click Create new user, and enter the details as shown in the example below:
  - User principal name: marvin@<your-directory>.onmicrosoft.com
  - Display name: marvin
  - Password: Set a password for the user
  - Account enabled: Leave this field checked
  Click Review + create, and then click Create. From the Users page, copy the user's full user principal name (UPN).
Repeat this step for each additional user your organization requires.

Note:
New users are assigned a temporary password at creation. Each user is prompted to change their password on first sign-in.
Assign users to your application (HCM APP) in Entra ID to enable sign-in. Select specific application roles to define their data access privileges.
1. In the left navigation pane under Entra ID, click Enterprise apps, and then select HCM APP.
2. Click Assign users and groups in the Getting Started section of the application’s Overview page.
3. On the Users and groups page, click Add user/group to assign a new user to the application.
4. On the Add Assignment page, perform the following actions:
  1. Select Marvin under Users.
  2. Select MANAGER under Select a role.
  3. Click Assign.
Repeat this step to assign additional roles to the same user or to assign roles to other users.

You have now provisioned users in Entra ID and assigned them application roles on the HCM APP application.