Setup Users

Terminology

This section defines Security Terms used throughout this document.

Table 2-1 Security Terms

Term	Definition
Application Administrator	A customer application admin user who can perform application configurations via EICS admin screen.
Application Implementer	System implementer is user who implements the application.
Application Role	An application role is a collection of users and other application roles. Application roles are defined in applications, and they are not necessarily known to a Java Container.
Application System Operator	Application system operator user can perform application setup and configurations, including operations which are restricted to other application users.
Customer Cloud Administrator	A delegated customer cloud user for customer cloud management tasks, for example create customer security admin user, and other users.
Customer Security Admin	A customer security admin user who can create customer users and assign application roles.
Enterprise Group	An enterprise group is a collection of users and groups. Enterprise groups are defined in security store and are known to java EE server container.
Store Manager	A user who performs store manager role.
Store User	A user who performs store operations with assigned role permissions.
User	A user is an end-user accessing a service or application.

User Types and Responsibilities

Users in SIOCS are divided into the following types based on their job duties.

Table 2-2 User Types and Responsibilities

User Type	Responsibilities
Application Implementer	Data Seeding Configuration Operation Issues
Customer Cloud Administrator Security Admin	Create Additional App Users
Application Administrator	Configure System Configure Store
Store Manager	Store Management
Store User	Store Operations
Retail Home User	A user who can access EICS tile reports on Retail Home and navigate to related operational views in EICS from there.

In addition to application users, integration users need to be setup based on integrated applications.

User Access Control

Users of SIOCS have roles through which they gain access to functions and data.

Security implementation involves the management of:

Assign security groups to corporate operational users
Assign application roles to store users

Assign Customer-Cloud-Admin User and Security-Admin User

This is for Retailer's admin to setup other users. This user has application Administrator role assigned. This user can be created and managed by customer in IDCS or OCI IAM.

The Cloud service administrator may setup additional users based on their job duties.

IDCS or OCI IAM Application Roles assigned to Application Admin User:

admin_users
security_users
mps_users
batch_users
global_store_users
full_permission_users

Users also need to be assigned application roles via SIOCS Security Admin Role permission console. For details on how to use the SIOCS administration screens, see the Oracle Retail Enterprise Inventory Cloud Service Security Guide and the Oracle Retail Enterprise Inventory Cloud Service User Guide Security chapter.

Assign Implementation Users

Implementation users perform the key setup tasks to start your implementation. As part of initial setup, add an implementation user, and give them login credentials and the url for your Oracle Applications. The Cloud service administrator may setup additional users for performing implementation tasks. To create implementation users and the data roles for performing the tasks, the service administrator performs following tasks:

Create Implementation users and assign appropriate security IDCS or OCI IAM Application Roles in IDCS or OCI IAM
Assign SIOCS Application Roles in SIOCS Security Admin Console to implementation users, optionally you can create custom roles and data roles to assign to implementation users

Users also need to be assigned application roles via SIOCS Security Admin Role permission console. For details on how to use the SIOCS administration screens, see the Oracle Retail Enterprise Inventory Cloud Service Security Guide and the Oracle Retail Enterprise Inventory Cloud Service User Guide Security chapter.

Assign Store Users

The Customer security admin user will need to setup the additional application users and store users using IDCS or OCI IAM and assign EICS application permissions and stores to store users via SIOCS Security Users Screens.

Store assignments control the stores available for a user to login to. Users can be assigned access to specific stores through the SIOCS security admin UI.

Steps to setup users and permissions:

Custom Security Admin creates application users in Oracle Identity Cloud Service (IDCS) or Oracle Cloud Infrastructure Identity and Access Management (OCIIAM)
Assign IDCS or OCI IAM Application Roles which are applicable to application users based on their job duties
Define Custom Roles for non-Administrator role. You may assign the Default ADMINISTRATOR role to admin user.
Assign permissions to Role:

EICS defines two default application roles (ADMININISTRATOR and MANAGER), you may define custom roles to control user accesses based on job duties. There are 350+ roles permissions that decide how users access functionality. For details, see the Oracle Retail Enterprise Inventory Cloud Service Administration Guide - Configuration chapter.
Assign user to roles and stores:

Once stores are seeded into EICS, in SIOCS Security screen, customer security admin can assign users to stores, application roles. You may assign a single user to stores or use SIOCS UI Spreadsheet Data Loader to upload user role assignments.

See Oracle Retail Enterprise Inventory Cloud Service Security Guide - Application Security chapter, Mass Assigning Roles and Stores section and SIOCS UI Spreadsheet Data Loader.