How to Restrict the Visibility of the Accounts and Entitlments tabs for Requesters But Keep it for the Owners
(Doc ID 2251631.1)
Last updated on MAY 01, 2023
Applies to:
Identity Manager - Version 11.1.2.3.5 and laterInformation in this document applies to any platform.
Goal
This document presents an OIM UI customization, that will allow the requester users to raise requests for other users, but will restrict the requester users from seeing what other Accounts and Entitlements are already assigned to the target users.
Example:
1. user A and user B both are from the same organization
2. User A should be able to raise request for accounts provisioning for user B. At the same time, user A should not be able to view the accounts and entitlements details of User B.
Issue : To provide end user with capability to raise request for others for accounts or entitlements we need the "Grant user entitlement" Admin Role to User A.
But the "Grant user entitlement" is a kind of parent capability for the "Entitlement entity" and if this is provided to end user, then he/she will automatically inherit view account and entitlement capabilities.
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Goal |
Solution |
References |