Oracle Identity Manager (OIM) 11g and Oracle Identity Governance (OIG) 12c With 'Role Authorizer' Admin Role User Is Unable To Add/Remove Role Memberships
(Doc ID 2095972.1)
Last updated on DECEMBER 23, 2022
Applies to:
Identity Manager - Version 11.1.2.3.0 to 12.2.1.3.0 [Release 11g to 12c]Information in this document applies to any platform.
Symptoms
OIM "Role Authorizer" is unable to add/remove role memberships.
Scenario: Have a user who has been assigned the "Role Authorizer" admin role for a specific organization, so expecting that with this role, the user will be able to assign or revoke role memberships for other users. That is, login to the self service console, manage --> roles --> look for a role --> members tab --> assign a member to the role.
However the UI does not allow this with a banner at the top saying: "View only mode:You do not have appropriate permissions to edit this page."
EXPECTED BEHAVIOR
-----------------------
Within Table 13-2 Admin Roles in Oracle Identity Manager, someone with the "Role Authorizer" role should be able to grant roles to others as a direct operation.
This is a 11g R2 PS2 document and could not find a 11g R2 PS3 or 12c specific version of "Users Guide for Oracle Identity Manager". There is a "Oracle® Fusion Middleware Performing Self Service Tasks with Oracle Identity Manager" document which does not mention at all what the role capabilities are for Role Authorizer for a specific organization.
Why is a "Role Aauthorizer" unable to assign role memberships in OIM 11.1.2.3.X/OIG 12c?
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |