To ensure that questions get required attention from community members and are NOT left unanswered, it’s important for the author to indicate (by selecting “Yes” or “No” when prompted) whether the question was answered. (newly added) Please note that it is also important to respond to EACH comment your question receives. Your Yes or No response ensures an accurate status for your question.
For more information, please refer to this announcement explaining best practices for getting answers to questions.
For more information, please refer to this announcement explaining best practices for getting answers to questions.
Applications Security
Discussion List
-
Can we get OCI IAM feature enabled for Fusion before 25B release?Summary: In the webinar today, it was communicated that the new OCI IAM feature in Oracle Fusion will be going live in 25B (May 2025). All the clients will have a roll o… -
Prevent user frontend loginFor our Oracle HCM Cloud environment, we have configured OAuth security for connecting with API's, and we followed this guide: Different ways to consume Fusion SaaS API …
-
grant in SYSTEM scope failed due to JPS-04201 oracle HCM OPSS audit rest APIfor an audit integration, we need to transmit audit REST API details to a third party monitoring system. using OPSS as product for fscmRestApi/fndAuditRESTService/auditt…
-
Password ManagementHello, I searched the entire security memo and couldn't find the answer to my question: https://docs.oracle.com/en/cloud/saas/applications-common/25a/facsa/how-can-i-dis… -
How to determine version of Oracle WebLogic Server/Fusion Middleware used in Fusion Cloud ERP?Summary: How to determine version of Oracle WebLogic Server/Fusion Middleware used in Fusion Cloud ERP? We have been notified by a vendor of a vulnerability to an attack… -
how to change label based on custom roleSummary: How to change a label based on custom role Content (please ensure you mask any confidential information): We are trying to change the label from sandbox which w…
-
If SSO is enabled, should the Oracle User Name be same as SSO email ID??Summary: If SSO is enabled, should the Oracle User Name be same as SSO email ID?? for eg: In SSO , email ID of employee is abd@company.com. And the user name in security…
-
Oracle fusion session inactivity timeoutHello, I've been asked if it's possible to increase the session inactivity timeout. As per the doc it doesn't look like this is possible. Is this still the case does any…
-
How to restrict access for users by calling their specific roles via page composer?Summary: Is it possible to restrict users from accessing certain functionalities by calling out their specific roles? Example. User1 has role 1 2 3 User2 has role 1 2 Is…
-
Can user reset the password once expired on user login screen by confirming last passwordI understand there is a forgot password link on login screen and user can reset the password by notification link. I just wanted to confirm if there are any ways to rese… -
How to skip Fusion SSO login page?Hello Employees in our organization access various Fusion HCM pages via deep links configured in our company's internal portal. For example, one link takes them to perso…
-
Custom Role created to replace Application Implementation Consultant RoleSummary: Hi, We have created a Custom Role to eliminate the license cost of Application implementation Consultant Role. We have added needed privileges and roles to the …
-
In Oracle fusion how to enable the predefined role under copy role of the priviledgeSummary: We wanted to create new role by copying the existing role so that we can remove or delete the specific privileges for that role. But our issue was we cannot upd…
-
Issue with Synchronizing Users from Azure Entra ID to OCI IAMI am working with a client's Active Directory and using Azure Entra ID. However, when I import the users to OCI IAM, it brings in the entire pool of users. I only need t… -
Agreed upon procedure - Fusion ApplicationAs per our internal audit team we want to enable "Agreed upon procedure (AUP)" on our Fusion instance. As per auditors this is enabled by Oracle which lets us track all …
-
Automatic Revocation of Roles assigned to Users based on End DateSummary: In old days of EBS, the Responsibilities assigned to Users had a Start Date and End Date. The Responsibility assigned to the user would be functional only betwe…
-
Is it possible to view login activity of users?Summary: We would like to be able to view how many times a user has logged into the oracle fusion environment and on what date. Is there a role/report within Fusion whic…
-
Enabling External Application Integration with Fusion SaaS Security ConsoleSummary: We are trying to enable external application integration like FDI, EPM FCCS, EPM ARCS with Fusion Security Console. For this, we have enabled profile option “OR…
-
Access HCM REST APIs using Oauth method by third party Integration PlatformSummary: Client is already using JWT token method to authenticate. They have their own integration platform through which they are connecting to fusion HCM REST APIs via…
-
How can some Audit details be reported in Oracle Cloud HCM?Hi, I need some application security details that the client requires. For Example; User Login and logout Roles assigned to the user and their changes Password change in… -
Deactivate user via HDLSummary: Dear all, please note that i have a requirement : disable a user via HDL, please advise. Thanks and best regards, Elia Content (required): Version (include the … -
Configure SSO to land on My Activity Center (Deeplink)Summary: It seems like SSO should allow us to use a deeplink that redirects the user to a specific page. However, I am unfamiliar with SSO configuration and need help wi… -
Is it possible to retrieve IP addresses and user activity logs for a specific dateHello, Is it possible to find out the following information in Oracle HCM Fusion: The IP addresses used by logged-in users for a specific date? Can a top-level log file … -
How can I tell if the user was created using SSO vs manuallySummary: I ran a user report in Oracle OTBI within fusion, and it isn't clear what user accounts are managed through SSO and which ones are manual Oracle accounts whose … -
Links of VB applications pointing to source after Fusion cloud ERP cloneSummary: Links of VB applications pointing to source after Fusion cloud ERP clone. When team members requests access, in the mail links are pointing to source instance. …
-
Are there a sign in and failed sign in attempt reports for Oracle Fusion financials.Summary: And is this data available in a table or via an api that we can export to analyze. Our auditors and IT security are requesting Content (please ensure you mask a…
-
Need login report with IP AddressSummary: In order to verify that LBAC security is working properly, we need a report of all logins with the following information: Username Date and time IP Address How …
-
How to find out who Provisioned Inherited role in the roleSummary: Hello I have a requirement to find out who provisioned inherited roles being added in the role, Is there anyway to get the information through SQL Query or navi…
-
Best practices for Service Account ManagementSummary: Best practices for Service Account Access Reset to avoid any impact on the business as usual Content (please ensure you mask any confidential information): Hi A… -
Oracle Health breachSummary: FYI and any additional infomration would be great. Our old SR was closed for the other even with the denial of the incident. So the other topic is closed, and t…