Workflow for granting access to Oracle users
These steps are required so that Oracle users can access your instance of mHealth Connector Cloud Services and configure their studies.
Why do I have to perform these steps? You cannot provision users who are outside your organization in OHSIAMS Oracle Identity Self Service, even Oracle employees. These steps allow users who are outside your organization to request access to your instance of mHealth Connector Cloud Services so that they can be provisioned to work in mHealth Connector Cloud Services.
To grant access to Oracle users:
- Activate approval for the mHealth Connector Cloud Services roles in OHSIAMS Oracle Identity Self Service.
Why do I do this? When approval is activated for a role, it adds a second step in the process of assigning the role or requesting the role using self-service registration: an access request is raised and the role isn't granted unless the request is approved.
If you don't activate approval for a role, all users who request the role through self-service registration automatically receive it, and you can assign a role to a user without someone else approving the request.
- Set up self-service registration in OHSIAMS Oracle Identity Self Service.
Why do I do this? When you activate self-service registration for the mHealth_Configuration_Administrator and mHealth_Customer_Portal users roles and a user who doesn't have the role navigates to the URL for mHealth Connector Cloud Services, the user sees a page that allows them to submit an access request. An approver at your organization can approve the request in OHSIAMS Oracle Identity Self Service to grant the role to the user.
- Make mHealth Connector Cloud Services roles available to Oracle.
Why do I do this? Oracle employees can request access only to the roles that you publish to them.
- Review and approve access requests in OHSIAMS Oracle Identity Self Service.
Why do I do this? If you don't approve the requests of Oracle employees, they can't work in your organization's instance of mHealth Connector Cloud Services.
If approval is active for a role, any attempt to grant the role to a user—either from OHSIAMS Oracle Identity Self Service or through self-service registration—generates an access request. Someone with the Approver role at your organization must approve the request, or the user isn't granted the role.
Do I need to revoke Oracle employees' access after a study design is complete? You can, but you don't have to. After a study is approved and a predetermined amount of time passes, the user accounts of Oracle employees expire.