How to Restrict the Visibility of the Accounts and Entitlments tabs for Requesters But Keep it for the Owners
Last updated on JANUARY 31, 2018
Applies to:Identity Manager - Version 184.108.40.206.5 and later
Information in this document applies to any platform.
This document presents an OIM UI customization, that will allow the requester users to raise requests for other users, but will restrict the requester users from seeing what other Accounts and Entitlements are already assigned to the target users.
1. user A and user B both are from the same organization
2. User A should be able to raise request for accounts provisioning for user B. At the same time, user A should not be able to view the accounts and entitlements details of User B.
Issue : To provide end user with capability to raise request for others for accounts or entitlements we need the "Grant user entitlement" Admin Role to User A.
But the "Grant user entitlement" is a kind of parent capability for the "Entitlement entity" and if this is provided to end user, then he/she will automatically inherit view account and entitlement capabilities.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms