Restrict access to BI Publisher only for App role

VijayDC

HI All,

In OAC environment is it possible to create an application role similar to BIServiceAdministrator, which can only access BIP URL. no access to Classic BI analytics and DV.

we like to restrict access to current Dev/admin team who are developing analysis in Classic BI Analytics.

TIA

GayathriAnand-Oracle

You can restrict Access to Answers, Access to Dashboards using Manage Privileges. There is no privilege setting specific to DV. There is fine grained permissions in dv where you can restrict create dataset, connection, etc. however the endpoint access cannot be restricted.

VijayDC

@gayathri

Thank you for the reply

SteveF-Oracle

@VijayDC Given that the endpoint cannot be restricted as @GayathriAnand-Oracle mentioned, some other potential alternatives.

• File an Idea lab request with your specific detailed use-case.Similar to this example (which is slight different from what you are requising):
  
  https://community.oracle.com/products/oracleanalytics/discussion/19895/need-a-lower-role-than-bi-service-administrator-which-can-be-assigned-to-users-to-monitor-the-jobs?utm_source=community-search&utm_medium=organic-search&utm_term=access+publisher+only
  
  
• You potentially may be able to explore a custom solution using a web application firewall (WAF) for blocking endpoints with specific access rules.
  
  https://blogs.oracle.com/ateam/post/using-a-web-application-firewall-with-private-oracle-analytics