Oracle Cloud Infrastructure Documentation

Assign IDCS Application Roles to Groups

After an Oracle Cloud Infrastructure Process Automation instance is created, you must assign IDCS application roles to groups of users in Oracle Identity Cloud Service (IDCS) to allow them to access the Workspace Administration and Designer user interfaces of the Process Automation instance.

Note

This topic applies only to tenancies that do not use identity domains. See Differences Between Tenancies With and Without Identity Domains.
Note

It's a best practice to assign IDCS application roles to selected groups rather than individual users.

There are two predefined IDCS application roles in Oracle Cloud Infrastructure Process Automation: ServiceAdministrator and ServiceDeveloper. To learn more, see the IDCS Application roles section in Process Automation Roles.

  1. Open the navigation menu and click Identity & Security. Under Identity, click Federation.
  2. On the Federation page, select the OracleIdentityCloudService link to view the default Oracle Identity Cloud Service identity federation.
  3. On the Identity Provider Details page, select the Identity Provider Information tab (if not selected already) and click the Oracle Identity Cloud Service Console link.
    The IDCS console page opens.
  4. Open the IDCS navigation menu, and click Oracle Cloud Services.
  5. In the Oracle Cloud Services page, navigate to the Process Automation service instance for which you want to assign group roles.
    You can also search for the service instance by entering the prefix or string that begins the Process Automation service instance's display name.
  6. Click the instance to open the instance details page.
  7. Click the Application Roles tab.
    The available IDCS application roles are displayed.
  8. Select the role that you want to assign. In the tile for the role, click Menu icon and then select Assign Groups.
  9. In the Assign Group dialog, select the group(s) to which you want to assign the role, and click Assign.