Categories
- All Categories
- 164 Oracle Analytics News
- 30 Oracle Analytics Videos
- 14.8K Oracle Analytics Forums
- 5.7K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 56 Oracle Analytics Trainings
- 13 Oracle Analytics Data Visualizations Challenge
- 4 Oracle Analytics Career
- 2 Oracle Analytics Industry
- Find Partners
- For Partners
FDI Security - Need ability to export groups to application roles mapping
We have done a lot of mapping between custom client groups and FDI application roles. I want to export this data from FDI to confirm it is how we intended and for historical recording.
To be clear what I'm talking about:
Navigation: FDI -> Security -> Groups (pick somthing like 'XXX Comp Admin - View All') -> Application Roles
This screen shows a list of application roles that we have assigned to this custom HCM role.
I want this exported from the system in one of two ways:
1) Expose the database tables to OAX_USER so that I can do my own SQL query ***This should be very quick and easy for Oracle to do***
or
2) Create a download to excel feature (like other downloads already implemented)
Comments
-
Any update on this?
0 -
Hi Martin,
Can you provide me with the business usecase on why you need to expose this information to the database tables ?
0 -
My goal is to get the data. I don't really care how it's done. I would think exposing the database table(s) this information is on would be the simplest (and quickest) for Oracle (I assume it's just a DB grant or two). That way people like myself can get to the data.
0 -
Hi Martin,
We do have a Out of the Box report in Common Folder.
Report Name:- Security Audit
Did you get a chance to review the report ?
0 -
Connecting this idea / thread to:
To confirm @Krishna Prasad Kotti-Oracle :
The Security Audit report has the right intention, but based on other posts it may not be working for customers as expected.
Security Assignment SA only provides insight into Security Assignments (e.g. HCM Business Units) per user.
Security Audit History SA captures an audit trail but User Names always null when the object type = Group_Role.Currently, the only way I can find is to ask our cloud engineering team (I would expect typically very removed from the typical FDI admin/developer group) to kick off a job in OracleIdentityCloudService.
The need to regularly review access is a core part of functional administration.
Upvoted.
0 -
Responding to bwdata…
To be clear, the information I want is Group to (licensed/data/duty) Application Roles. Group is in OCI but Application Roles are only in FDI so getting an export from OracleIdentityCloudService won't work because OCI doesn't know about Application Roles… Only FDI does.
Responding to Krishna Prasad Kotti-Oracle…
I've reviewed the report and don't think that will work.
—The report (and Subject Area its written off of) are showing me the events for people. I don't want events for people I want what it is now (regardless if its associated with a person).
—I do see records that don't have usernames listed but when I create my own report that has 'Group Name' and 'Role Name' every combination displays. That isn't correct. When you look at the Security screen in FDI admin only the correct one shows. I researched to try to figure out if its an 'Action Type' of 'ADD' and 'DELETE' but its not, its only 'ADD'. Furthermore the 'Created By' is 'system' who 'ADD' all of these records that don't really exist right now.
So when I review the 'Security Audit', I question that its even giving me the right data historically because I know I've never certain groups with certain roles.
Please reach out to me if you'd like to do a zoom call so I can show you what I mean.0 -
Thanks for the update. We will review this internally.
0 -
Hey @Krishna Prasad Kotti-Oracle Just checking to see if there are updates on this? This is a fairly common ask from customers to understand who has access to the environment, and what access.
Please let us know
2
