Missing Group Administrator Role In The ACL

(Doc ID 1334908.1)

Last updated on MARCH 08, 2017

Applies to:

COREid Identity - Version: and later   [Release: and later ]
Information in this document applies to any platform.


A Group Administrator cannot search for users and add users to his/her assigned group. This is because the Group Administrator role must be authorized for read access to user attributes via User Manager "Attribute Access Control". However, the Group Administrator role is not listed as one of the selectable roles in User Manager Attribute Access Control. See attachment.

What is the method for granting a Group Administrator read access to user object attributes? Can the Group Administrator role be added to the User Manager "Attribute Access Control" role list so it can be selected when authorizing access to user object attributes?


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms