How to restrict SCIM APIs to read-only access in Oracle HCM Cloud?
Summary:
Read-only access for API in Oracle HCM Cloud
Content (please ensure you mask any confidential information):
We’re integrating with Oracle HCM Cloud and using the SCIM APIs:
- /hcmRestApi/scim/Users
- /hcmRestApi/scim/Roles
- /fscmRestApi/fndAuditRESTService/audittrail/getaudithistory
Currently, when I assign the Use REST Service – Identity Integration privilege (ASE_REST_SERVICE_ACCESS_IDENTITY_INTEGRATION_PRIV), my integration user can successfully call GET on these endpoints — which is expected.
However, I noticed that the same privilege also allows POST on /scim/Users, and that’s not what we want. Our requirement is to have read-only access to these APIs (no create/update/delete)
Tagged:
0