Application Roles and Responsibilities Reference

See Details

• Orchestrated Systems: Create and Manage integrations of Authoritative Sources and Managed systems applications with Oracle Access Governance as Orchestrated systems.
• Access Controls:
  • Create and Manage Roles
  • Create and Manage Identity Collections
  • Create and Manage Organizations
  • Create and Manage Policies
  • Create and Manage Approval Workflows
  • Create and Manage Access Guardrails
  • Create and Manage Auto-Generated Access Bundles
• Access Reviews:
  • Create Campaigns.
  • Modify, Delete, Monitor all access review campaigns.
  • Enable and Disable Event-based access reviews for micro-certifications.
  • Modify, Delete, Monitor all event-based access reviews
  • Define auto-action for low-risk access reviews or unmatched accounts
  • Generate Event-Based Access Report and Access Reviews Campaign Report
• Manage Identities and Identity Attributes
• Deactivate or Activate all accounts and associated accesses for an identity managed by Oracle Access Governance
• Revoke one or more permissions assigned directly from the Managed System or provisioned through request.
• Retry Provisioning for Failed or Pending Status
• Enable, Disable, Delete one or multiple accounts
• Manage Notifications
• Settings:
  • Create, Modify Security Settings
  • Create, Modify Systems Settings
• Delegations:
  • Create, Modify own delegations
  • Create, Modify other user's delegations
• Who Has Access to What - Enterprise-wide Browser
  • View Enterprise-wide Access Insights
  • Create user-created access reviews and download related reports
  • Download CSV reports and PDF screenshot

• Create and Manage Identity Attributes

See Details

• View Identity details
• Terminate or Activate all accounts and accesses for an identity managed by Oracle Access Governance
• Enable, Disable, Delete, and Modify accounts
• Retry Provisioning for Failed or Pending Status
• Revoke permissions assigned directly from the Managed System or provisioned through request.
• Manage delegations
• Change Password
• View a list of orchestrated system defined in the Oracle Access Governance service instance.

See Details

• Create Campaigns
• Modify, Delete, Monitor self-created campaigns
• View Access Guardrails

See Details

• View access insights across an enterprise using Enterprise-wide Browser
• Create user-created access reviews and view corresponding time-range-based access review reports
• Download CSV reports and PDF screenshot
• View Access Guardrails

See Details

• Create and Manage Roles
• Create and Manage Identity Collections
• Create and Manage Policies
• Create and Manage Approval Workflows
• Create and Manage Access Bundles
• Create and Manage Organizations
• Create and Manage Access Guardrails

See Details

• Create Roles, Identity Collections, Policies, Approval Workflows, , Access Guardrails, Access Bundles, Organizations
• Manage resources that they own, as a resource owner

See Details

• Create Orchestrated systems (Authoritative Source and Managed System) to perform new integrations.
• Manage and configure all Orchestrated system defined in the Access Governance service instance.

See Details

Related to Orchestrated Systems

• Create Orchestrated systems (Only Managed System) to perform new integrations.
• Manage and Configure Orchestrated system settings that they own, as resource owner.

See Details

• Monitor all access review campaigns
• View Access Guardrails

See Details

• As a campaign owner - modify, delete, monitor self-owned access review campaigns.
• As an access reviewer - review and certify the access review tasks if associated with a specific approval workflow.
• As an end user - manage the self-service module to view your own accesses, change account password, request access, set preferences, set delegations, manage approvals or track access requests for self or direct reports.
• As a resource owner, view, modify and delete resources that they own.
• Create Identity Collections