7 Understanding User Management

User Management in Oracle Financial Services Cloud (OFSC) includes on-boarding of Employees and Operators, and associating their user profiles for system access. User credentials are managed using Oracle Cloud Infrastructure Identity and Access Management (OCI IAM).

Employee

An Employee is an individual who works for the Company and is associated with a business division.

Operator

An Operator is a person identified in relation to work to be performed in Oracle Financial Services Cloud, like a Business Administrator. An Operator directly interacts with the business services using secure credentials.

An Operator is an employee with access to Oracle Financial Services Cloud and has the appropriate entitlements for it. Operators are associated with an Operations Company, which could be either same as that of the Employee, or a different one.

Once an Operator sets up their login in OCI IAM, their user profile is created in Oracle Financial Services Cloud, while their credentials are created in OCI IAM itself. A user can have access to multiple tenancies; in which case the user need to be created in each tenancy. OCI IAM manages the login credentials for a user, whereas their Entitlements is specific to each tenancy and is configured by OFSC.

User Profile Creation

To improve security, you need to create user profiles in the your OCI Identity Domain. You need to ensure the following:
  1. Create users in OCI Identity Domain
    • Before creating a user profile in Communication Cloud, the corresponding user profile should exist in the OCI Identity Domain.
  2. Assign the required Communication Cloud related user groups
    • Assign the required Communication Cloud related user groups to each user to grant access to the necessary tenancies of Communication Cloud Service.
    • If a user requires access to multiple tenancies, ensure they are mapped to all relevant user groups. By default, three tenancies related user groups are available in the OCI Identity Domain.
  3. User profile creation in Communication Cloud
    • See Creating Employee and Creating Operator.
    • When creating a user in Communication Cloud, use the same login name as in the OCI Identity Domain. This ensures proper authentication to access Communication Cloud.

Note:

User Management activities like creating and managing user credentials, locking and unlocking users, resetting passwords, and so on, are handled using OCI Identity Domain.