My Oracle Support Banner

Access Policy Harvesting Steps for Reconciled Entitlements (Doc ID 2003107.1)

Last updated on MARCH 13, 2019

Applies to:

Identity Manager - Version and later
Information in this document applies to any platform.


There is an entitlement which is part of an access policy. But a user in OIM gets this entitlement via reconciliation. Then the User is given a OIM Role which is attached to the access policy which provisions the same entitlement. Later when that OIM role is taken away from the user, the access policy evaluation does not remove the entitlement. The entitlement can only be removed via a direct revocation of the entitlement. 

How to use access policy harvesting to manage such entitlements which are reconciled so those are managed by the access policy?



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.