Oracle Cloud Infrastructure Documentation

Manage Roles, Users, and Access

As the cloud account administrator, you manage access to subject areas and data.

About Managing Roles, Users, and Access

As an administrator, one of your initial tasks is to ensure that users have appropriate access to use Oracle Analytics for Applications.

Access to subject areas and data depends on the roles assigned to the users.

About Roles

Oracle Analytics for Applications provides four role types

  • Duty roles – define duties of a job as entitlement to perform a particular action, such as access to AP Transactions subject area.
  • Data roles - provide access to the transactional data in the tables and groups users who have functional access through a particular job role with access to a particular dimension of data. For example, invoices relevant only to their business unit.
  • Application roles - provide a set of system privileges that users can perform after signing in to Oracle Analytics for Applications such as administering system setting, functional setup, use security, or data modeling.
  • Job roles – inherit data, duty, and application roles and are assigned to users. They define a user’s business function such as VP of Sales, HR Analyst, Procurement Buyer. Job roles and users are synchronized from Oracle Fusion Application Services to Oracle Identity Cloud Service. The job roles are mapped as groups Oracle Identity Cloud Service.
Job Roles

Job roles synchronized from Oracle Fusion Application Services into Oracle Identity Cloud Service are:

Job Role Code Job Roles Name Description Associated Data Role and Duty Role Functional Area
ORA_GL_FINANCIAL_ANALYST_JOB Financial Analyst Has Author privileges

OA4F_FIN_GL_ACCESS_SET_DATA

OA4F_FIN_GL_BALANCE_SHEET_ANALYSIS_DUTY

OA4F_FIN_GL_DETAIL_TRANSACTIONS_ANALYSIS_DUTY

OA4F_FIN_GL_PROFITABILITY_ANALYSIS_DUTY

Author

GL
ORA_GL_GENERAL_ACCOUNTANT_JOB General Accountant Has Author privileges

OA4F_FIN_GL_ACCESS_SET_DATA

OA4F_FIN_GL_BALANCE_SHEET_ANALYSIS_DUTY

OA4F_FIN_GL_DETAIL_TRANSACTIONS_ANALYSIS_DUTY

OA4F_FIN_GL_PROFITABILITY_ANALYSIS_DUTY

Author

GL
ORA_GL_GENERAL_ACCOUNTING_MANAGER_JOB General Accounting Manager Has Author privileges

OA4F_FIN_GL_ACCESS_SET_DATA

OA4F_FIN_GL_BALANCE_SHEET_ANALYSIS_DUTY

OA4F_FIN_GL_DETAIL_TRANSACTIONS_ANALYSIS_DUTY

OA4F_FIN_GL_PROFITABILITY_ANALYSIS_DUTY

Author

GL
ORA_AP_ACCOUNTS_PAYABLE_MANAGER_JOB Accounts Payable Manager Has Author privileges

OA4F_FIN_AP_BUSINESS_UNIT_DATA

OA4F_FIN_AP_BALANCE_ANALYSIS_DUTY

OA4F_FIN_AP_TRANSACTION_ANALYSIS_DUTY

OA4F_FIN_AP_AGING_ANALYSIS_DUTY

Author

AP
ORA_AP_ACCOUNTS_PAYABLE_SPECIALIST_JOB Accounts Payable Specialist Has Author privileges

OA4F_FIN_AP_BUSINESS_UNIT_DATA

OA4F_FIN_AP_BALANCE_ANALYSIS_DUTY

OA4F_FIN_AP_TRANSACTION_ANALYSIS_DUTY

OA4F_FIN_AP_AGING_ANALYSIS_DUTY

Author

AP
ORA_AP_ACCOUNTS_PAYABLE_SUPERVISOR_JOB Accounts Payable Supervisor Has Author privileges

OA4F_FIN_AP_BUSINESS_UNIT_DATA

OA4F_FIN_AP_BALANCE_ANALYSIS_DUTY

OA4F_FIN_AP_TRANSACTION_ANALYSIS_DUTY

OA4F_FIN_AP_AGING_ANALYSIS_DUTY

Author

AP
ORA_AR_ACCOUNTS_RECEIVABLE_MANAGER_JOB Accounts Receivable Manager Has Author privileges

OA4F_FIN_AR_TRANSACTIONS_ANALYSIS_DUTY

OA4F_FIN_AR_BALANCE_ANALYSIS_DUTY

OA4F_FIN_AR_AGING_ANALYSIS_DUTY

OA4F_FIN_AR_BUSINESS_UNIT_DATA

Author

AR
ORA_AR_ACCOUNTS_RECEIVABLE_SPECIALIST_JOB Accounts Receivable Specialist Has Author privileges

OA4F_FIN_AR_TRANSACTIONS_ANALYSIS_DUTY

OA4F_FIN_AR_BALANCE_ANALYSIS_DUTY

OA4F_FIN_AR_AGING_ANALYSIS_DUTY

OA4F_FIN_AR_BUSINESS_UNIT_DATA

Author

AR
Duty Roles

Duty roles to secure subject areas are:

Duty Role Code Duty Role Name Duty Role Description Functional Area Gets access to Subject Area Display Name OR Associated Role
OA4F_FIN_GL_BALANCE_SHEET_ANALYSIS_DUTY General Ledger Balance Sheet Analysis Duty Object security role to control presentation catalog access to Financials GL Balance Sheet subject area. GL Financials - GL Balance Sheet
OA4F_FIN_GL_PROFITABILITY_ANALYSIS_DUTY Profitability Analysis Duty Object security role to control presentation catalog access to Financials GL Profitability subject area. GL Financials - GL Profitability
OA4F_FIN_GL_DETAIL_TRANSACTIONS_ANALYSIS_DUTY General Ledger Detail Transactions Analysis Duty Object security role to control presentation catalog access to Financials GL Detail Transactions subject area. GL Financials - GL Detail Transactions
OA4F_FIN_AP_BALANCES_ANALYSIS_DUTY Accounts Payable Balances Analysis Duty Object security role to control presentation catalog access to Financials Accounts Payable Balances subject area. AP Financials – AP Balances
OA4F_FIN_AP_AGING_ANALYSIS_DUTY Accounts Payable Aging Analysis Duty Object security role to control presentation catalog access to Financials Accounts Payable Aging subject area. AP Financials – AP Aging
OA4F_FIN_AP_INVOICES_ANALYSIS_DUTY Accounts Payable Invoices Analysis Duty Object security role to control presentation catalog access to Financials Accounts Payable Invoices subject area. AP Financials – AP Invoices
OA4F_FIN_AP_LIABILITIES_ANALYSIS_DUTY Accounts Payable Liabilities Analysis Duty Object security role to control presentation catalog access to Financials Accounts Payable Liabilities subject area. AP Financials – AP Liabilities
OA4F_FIN_AP_PAYMENTS_ANALYSIS_DUTY Accounts Payable Payments Analysis Duty Object security role to control presentation catalog access to Financials Accounts Payable Payments subject area. AP Financials – AP Payments
OA4F_FIN_AR_BALANCES_ANALYSIS_DUTY Accounts Receivable Balances Analysis Duty Object security role to control presentation catalog access to Financials Accounts Receivable Balances subject area. AR Financials – AR Balances
OA4F_FIN_AR_AGING_ANALYSIS_DUTY Accounts Receivable Aging Analysis Duty Object security role to control presentation catalog access to Financials Accounts Receivable Aging subject area. AR Financials – AR Aging
OA4F_FIN_AR_TRANSACTIONS_ANALYSIS_DUTY Accounts Receivable Transactions Analysis Duty Object security role to control presentation catalog access to Financials Accounts Receivable Transactions subject area. AR Financials – AR Transactions
OA4F_FIN_AR_APPLICATIONS_ANALYSIS_DUTY Accounts Receivable Receipts and Applications Analysis Duty Object security role to control presentation catalog access to Financials Accounts Receivable Receipts and Applications subject area. AR Financials – AR Receipts and Applications
OA4F_FIN_AR_CREDITMEMO_ANALYSIS_DUTY Accounts Receivable Credit Memo Applications Analysis Duty Object security role to control presentation catalog access to Financials Accounts Receivable Credit Memo Applications subject area. AR Financials – AR Credit Memo Applications
OA4F_FIN_AR_ADJUSTMENTS_ANALYSIS_DUTY Accounts Receivable Adjustments Analysis Duty Object security role to control presentation catalog access to Financials Accounts Receivable Adjustments subject area. AR Financials – AR Adjustments
Data Roles

Data roles to secure data are:

Data Role Code Data Role Name Description Functional Area
OA4F_FIN_GL_ACCESS_SET_DATA General Ledger Access Set Data Security Data security role to access ledger set based data GL
OA4F_FIN_AP_BUSINESS_UNIT_DATA Accounts Payable Business Unit Data Security Data security role to access accounts payable business unit based data AP
OA4F_FIN_AR_BUSINESS_UNIT_DATA Accounts Receivable Business Unit Data Security Data security role to access accounts receivable business unit based data AR
Application Roles

The application roles for Oracle Analytics for Applications available in Oracle Identity Cloud Service through Oracle Analytics for Applications provisioning are:

Role Name Role Description Purpose
Administrator Tenant administrator for service instances Creates and manages Oracle Analytics for Applications instances, administers Oracle Identity Cloud Service users and roles.
Service Administrator Oracle Analytics for Applications service administrator Customer facing (Snapshots, Connections, System Settings) administrator access to Oracle Analytics for Applications.
Functional Administrator Oracle Analytics for Applications functional administrator Performs functional configuration (pipeline, reporting) in Oracle Analytics for Applications.
Security Administrator Oracle Analytics for Applications security administrator Administers application roles and data security.
Modeler Administrator Oracle Analytics for Applications data model administrator Promote data model (RPD) customization to Oracle Analytics Cloud instance.
Modeler Oracle Analytics for Applications modeler Modify the semantic model to bring in custom dimensions and attributes.
Author Oracle Analytics for Applications author Create and edit KPIs, cards, and decks , DV projects, reports and dashboards.
Consumer Oracle Analytics for Applications consumer Read access to content. Can create cards and decks. Read access to Oracle Analytics Cloud content.

About Users

Oracle Analytics for Applications uses the Oracle Fusion Application Services users that you create in Oracle Identity Cloud Service. You also create job roles in Oracle Identity Cloud Service and then assign the job roles to the users.

See Create and Associate Users and Application Roles

About Access

You provide access to subject areas and data by assigning job roles to users in Oracle Fusion Application Services. Job roles are associated with duty and data roles.

Create and Associate Users and Application Roles

To access Oracle Analytics for Applications, create Oracle Fusion Application Services users and groups (these are the equivalent of job roles in Oracle Fusion Application Services) in Oracle Identity Cloud Service and then assign the job roles to users.

You can either manually create users and job roles and associate them in Oracle Identity Cloud Service or automatically synchronize new users and job roles in Oracle Fusion Application Services with Oracle Identity Cloud Service. See Synchronize Oracle Fusion Applications Cloud Service User Identities and Roles with Oracle Identity Cloud Service.
Note

If you create job roles, job role assignments, and users or revoke existing job roles, job role assignments, or users in Oracle Fusion Application Services, then you must also maintain these changes in Oracle Identity Cloud Service each time.
  1. Make a list of the Oracle Fusion Application Services users and job roles who need access to Oracle Analytics for Applications.
    Note

    You need the exact user and job role names as they are in Oracle Fusion Application Services. The names are case sensitive.
  2. Create Oracle Fusion Application Services users in Oracle Identity Cloud Service.
    1. Sign into Oracle Identity Cloud Service with your administrator credentials.
    2. Navigate to Users and click Add.
    3. Enter the user details as they are in Oracle Fusion Application Services and then click Finish.
      Note

      The user name is case sensitive.
  3. Create Oracle Fusion Application Services job roles in Oracle Identity Cloud Service.
    1. Navigate to Groups and click Add.
    2. Enter the job role name as it is in Oracle Fusion Application Services and then click Finish.
  4. Assign the job roles to users.
    1. On the Groups page, select a group.
    2. For the group specific to the Oracle Fusion Application Services job role, in the Users tab, click Assign and select the users that you want to associate with the group (job role).
  5. Optional: As a system administrator, you have the necessary privileges to perform the configuration steps yourself. However, if you need to assign the Functional Administrator privileges to a user, please perform the following steps in Oracle Identity Cloud Service.
    1. On the left hand side menu, navigate to Applications.
    2. Select ANALYTICSAPP_<instancename> corresponding to your analytics instance.
    3. In the Application Roles tab, search for and select the Functional Admin role.
    4. Click the hamburger icon and assign users to this role.
The users that you added receive an email to activate their account. After activation, they must sign into Oracle Analytics for Applications and verify their access to data and objects.