To ensure that questions get required attention from community members and are NOT left unanswered, it’s important for the author to indicate (by selecting “Yes” or “No” when prompted) whether the question was answered. (newly added) Please note that it is also important to respond to EACH comment your question receives. Your Yes or No response ensures an accurate status for your question.
For more information, please refer to this announcement explaining best practices for getting answers to questions.
For more information, please refer to this announcement explaining best practices for getting answers to questions.
Applications Security
Discussion List
-
Request for Historical Audit Data –IT Security Manager RoleSummary: Hello, As part of an Oracle ERPC audit, we would like to know if it is possible to extract the history of assignments and removals of the IT Security Manager ro… -
Benefit Admin is not able to edit SSN in dependents and beneficiaries pageBenefit Admin is not able to edit SSN in dependents and beneficiaries page. Benefits admin who is having custom role based on AOR is only having the issue and seeded rol… -
how to find the Privilege required for Rest endpoint in Fusion SaaS ApplicationSummary Privilege required for EndpointContent Hi team, I am trying to Find the Privilege for the particular Rest endpoint in Payable. similarly SOAP in Developer Connec… -
SCIM Integration - Okta to Oracle Fusion ERPSummary: We are trying to create users in Oracle Fusion ERP from Okta. Users will be onboarded in Okta and then provisioned into Fusion ERP using SCIM. Could someone ple… -
Please advise the privilege name for payables to ledger reconciliation task to assign in custom roleSummary: Content (please ensure you mask any confidential information): Version (include the version you are using, if applicable): Code Snippet (add any code snippets t… -
what are the privileges required to access My Client Groups ->Person ManagementSummary: Content (please ensure you mask any confidential information): Version (include the version you are using, if applicable): Code Snippet (add any code snippets t… -
How can we generate a Vulnerability Assessment and Penetration Testing (VAPT) Report?Need detailed guidance on how we can fetch a VAPT Report for FCCS. -
looking to implement a generic Cross-Validation (CV)ruleHello Community,We are looking to implement a generic Cross-Validation (CV) rule in Oracle Cloud to restrict account combinations where the Company segment value is equa… -
SQL Query to get the details of the Roles and its inherited rolesSummary: Hi Fellow Developers, We have a requirement to create a BIP report to fetch the details of the Roles and its inherited roles. I tried using the "ASE_ROLE_VL" bu… -
Oracle issued email - 'Oracle to Implement MFA for All Portals'Hi, I have today (5 Sept 2025) received an Oracle issued email entitled 'Oracle to Implement MFA for All Portals' Grateful to know: when this email states 'ALL logins' a…
-
Multi-Factor Authentication (MFA) for Pending Worker LoginSummary: While using SSO for employee login in Oracle HCM Cloud, Can we have multi factor authentication for Pending workers who log in with user name password? Content … -
Unable to see options of Role Name in Role DelegationHi all, We are facing issue in viewing options of Role Name in the Role Delegations section of Account Management Page. Please suggest some solution. Navigation: My Clie… -
How can service accounts - used for EPM Automate processes - be configured to not use MFA?We use service accounts to run unattended, overnight, EPM Automate processes. These accounts will have admin privileges to the PBCS environment. We need these to continu… -
create integration account with access to only a legal entityHi team, is it possible to create an account (for an integration flow) that is not linked to a person record, but has access to only one legal entity? Since there is no … -
How to create custom role to restrict specific reports in oracle Fusion?Summary: User has an requirement like For example, If the user has give Accounts payable roles the User should only able to see the AP Invoice details report. And won't … -
Trying to use 'Generate Audit Report'Trying to use the generate audit report however it returns no results. I have been able to query a logged audit activity via the audit console, so i was assuming this wo… -
What privilege needs to be added to a role to allow the “Employment contracts” section to be viewed?We are trying to create a compensation role that can view the employment contract action. We have added PER_CONTRACTS_F to the data security policies and associated it w… -
Person Security Profile Setup Using Business Unit and Department HierarchyThe client requires a person security profile based on both Business Unit and Department hierarchy. However, we don’t see an option that links these two. Please see the … -
Assigning a Single role to Multiple UsersHi, We have a requirement where a single role needs to be assigned to multiple users. Could you please advise if there is a standard approach to achieve this, or suggest… -
How we verify Oracle Fusion ERP control includ SOC2 report, Shared Res. Model, and DR site location?We are currently conducting a review of administrative and security controls for our Oracle Fusion ERP (SaaS) environment. As part of compliance with our national cybers… -
Not able to add function security policy to existing job roleI am trying to add a functional security policy to an existing HCM job role. While I’ve successfully added a few policies, when I attempt to add 'Manage Division', the s… -
How many file extensions can be attached in oracle fusionWe want to know, how many extensions are allowed in oracle fusion for attaching the documents etc. Is .PHP extension is allowed in attaching the file. -
user utilization in oracle fusion applicationHi, I am looking for a report in Oracle Fusion (25B) on one item, there is so much discussion happened however it is not clear and I am not able to get output from previ… -
How to identify the HCM Privileges within the RolesSummary: Hi Experts, We are in the process of removing all HCM Roles and any HCM Privileges that may be utilized in other modules, such as Finance or FSCM. So far, we ha… -
An internal audit is looking for default userids used by Oracle that are deliveredwe are currently going thru an audit - and as they audit all the user ids to the application they are pointing at Users that are administered by Oracle and not the custo… -
REDWOOD/Benefit Summary: What privilege is needed to view the Notes Section?Summary: On the Benefit Summary Page there is a Notes section at that bottom. Can someone help to determine what privilege gives access to this section, so we can add it… -
Cannot search employees in person managementHi, Our HR users are experiencing limited access when searching for employees in Person Management. They can view some employees but not others. However, in another envi… -
With the new OCI Login pages what do we use as the url for Login Audit Rest API urlSummary: With the Oracle changes for the Oracle Cloud HCM login pages moving to OCI login pages, what do we use as the api for Login Audit Rest API url? Example: Before:… -
Need to verify the existence of the audit trails for key configurations and dataset24 Absence of ERP System Audit Trails We have some reuirement related to the Audit where thwy have asked the following information. Observation As part of review of Orac… -
MFA for Cloud HCM SSO usersSummary: Does the new MFA requirement apply to all Cloud HCM SSO user logins? If yes, what is the exact day in September 2025 that this be required? Content (please ensu…