1 Introduction

Starting with Oracle Empirica Signal version 8.0, Oracle Life Sciences Empirica Signal is integrated with Oracle Life Sciences Identity and Access Management Service.

Oracle Life Sciences IAMS manages user credentials and controls if a user can log into a particular Cloud application or environment. In Oracle Life Sciences IAMS, each user has a single username and password. These are valid across all enabled OHS Cloud Services, regardless of the number of different applications or environments the user has access to.

You can group your federated applications together to work with a specific identity provider, such as grouping the test applications to work with a test identity provider, and grouping the production applications to work with a production identity provider. This also enables you to separate your clinical applications from the safety application. To activate this feature, raise a request to Health Sciences Support.

Each company that uses OHS Cloud Services nominates at least one Customer Delegated Administrator (CDA). This individual can create, enable or disable, or lock user accounts as well as define which applications and Cloud environments a user can access.

Even though Oracle Life Sciences IAMS manages the user accounts, application-specific user roles and privileges are still defined in an application's administrative user interface (UI). For Oracle Empirica Signal, the person who assigns roles and privileges to users is typically the Oracle Empirica Signal Customer Administrator.

The Oracle Empirica Signal Customer Administrator can be the same person as the Oracle Life Sciences IAMS CDA or a different individual. This guide describes both tasks that require the Oracle Life Sciences IAMS CDA role, and tasks that require the Customer Administrator or super-user Oracle Empirica Signal application role.

The process to create accounts is different for new and upgraded users. As a result, before the CDA creates a new Oracle Life Sciences IAMS account, the CDA must determine if that user has used the Oracle Empirica Signal Cloud environment previously.

Upgraded users have existing application accounts in Oracle Empirica Signal. The CDA must review or update the details of the Oracle Empirica Signal accounts to match Oracle Life Sciences IAMS naming conventions. For details on how to update existing application accounts, please see Adjust the user's Oracle Empirica Signal account details.

There are two workflows for notifying a user that the Oracle Life Sciences IAMS account has been created:

1. Security questions: The user receives two emails. One says that the user has an account, and the other provides a temporary password. The user is expected to log in, set the answers to the security questions, and change the password.
2. Email link: The user receives one email that contains both the information that the account has been created and a link to set the initial password.

Which workflow is followed depends on how the Oracle Life Sciences IAMS tenant has been configured. For example, a newly set-up tenant follows the email link workflow. If you are adding a user to an old tenant, you will likely use the security questions workflow, unless the CDA has opted in to using the email link workflow.