Oracle Identity Manager (OIM) 11g and Oracle Identity Governance (OIG) 12c With 'Role Authorizer' Admin Role User Is Unable To Add/Remove Role Memberships (Doc ID 2095972.1)

Last updated on DECEMBER 23, 2022

Applies to:

Symptoms

OIM "Role Authorizer" is unable to add/remove role memberships.

Scenario: Have a user who has been assigned the "Role Authorizer" admin role for a specific organization, so expecting that with this role, the user will be able to assign or revoke role memberships for other users. That is, login to the self service console, manage --> roles --> look for a role --> members tab --> assign a member to the role.
However the UI does not allow this with a banner at the top saying: "View only mode:You do not have appropriate permissions to edit this page."


EXPECTED BEHAVIOR
-----------------------
Within Table 13-2 Admin Roles in Oracle Identity Manager, someone with the "Role Authorizer" role should be able to grant roles to others as a direct operation.

This is a 11g R2 PS2 document and could not find a 11g R2 PS3 or 12c specific version of "Users Guide for Oracle Identity Manager".  There is a "Oracle® Fusion Middleware Performing Self Service Tasks with Oracle Identity Manager" document which does not mention at all what the role capabilities are for Role Authorizer for a specific organization.

Why is a "Role Aauthorizer" unable to assign role memberships in OIM 11.1.2.3.X/OIG 12c?

Changes

Cause