My Oracle Support Banner

With 'Role Authorizer' Admin Role User Is Unable To Add/Remove Role Memberships (Doc ID 2095972.1)

Last updated on OCTOBER 14, 2020

Applies to:

Identity Manager - Version to [Release 11g to 12c]
Information in this document applies to any platform.


OIM 'Role Authorizer' is unable to add/remove role memberships.

Scenario: Have a user who has been assigned the "Role Authorizer" admin role for a specific organization, so expecting that with this role, the user will be able to assign or revoke role memberships for other users. That is, login to the self service console, manage --> roles --> look for a role --> members tab --> assign a member to the role.
However the UI does not allow this with a banner at the top saying: "View only mode:You do not have appropriate permissions to edit this page."

According to the docs, someone with the "Role Authorizer" role should be able to grant roles to others as a direct operation. See:

This is a 11g R2 PS2 document and could not find a 11g R2 PS3 or 12c specific version of "Users Guide for Oracle Identity Manager". There is a "Oracle® Fusion Middleware Performing Self Service Tasks with Oracle Identity Manager" (see: which does not mention at all what are the capabilities that one would expect if you had the Role Authorizer role for a specific organization

Why is a role authorizer unable to assign role memberships in OIM


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.