@Michal Zima The Fusion Middleware documentation was recently changed and spaces are now allowed int the underlying policy store. OAC will follow suit and will allow spaces in application role names. This change is not in the November update but is in progress. This change is likely (but not yet confirmed) to be in the…

This API is SOAP not REST so you need to send the appropriate SOAP message in the payload when using something like curl.

This Idea is from a while back, but I just came across it in a search. The functionality is in the UI as documented here:

We have a new report you can run to retrieve agent information but this is UI only: You can also use the runcat CLI (documentation embedded in the CLI help) or the WebCatalog serice (SOAP) to look at agent metadata: You can invoke agents using the executeIBotNow() SOAP operation

@GK48 user-defined app roles should neither gain nor lose functionality when a new permission is added. Predefined app roles on the other hand may gain functionality if a net new feature is added. As an example of how this works, in the July update the following export-related permissions were added: Download File-Based…

@GK48 Data flow exports are DVA. When we add a new permission for net new functionality, the new permission is granted to one of the predefined application roles. So you will need to decide whether or not to grant the permission to your user-defined application roles. When we add a new permission that controls a subset of…

OAS delegates authentication and SSO to one of the certified identity management products. It is rare to use the embedded Weblogic LDAP in a production environment and not recommended. If you are using an external identity system -use that product's functionality to provide a user password reset.

@GK48 The new Export Content permission allows a user to export content to a DVA file. This includes workbooks and data flows and their dependencies (e.g. datasets). We do not have a permission specific to export data flow. You are the first to ask for one! Take a look at the various new permissions added in the July…

I've marked this Idea as 'current capability' although I accept there is no event-based audit.

We do not have event-based audit for these privileges but you can run periodic reports to list who has these privileges. Please review the OAS docs for using runcat to report classic privileges: Alternatively you can use the SOAP API getGlobalPrivileges: Creating queries against the BIPlatform schema to reverse engineer a…