My Oracle Support Banner

Requester Has the Access to Use Another Requester's PCard Without Being A Proxy (Doc ID 2255757.1)

Last updated on FEBRUARY 04, 2019

Applies to:

PeopleSoft Enterprise SCM Purchasing - Version 9.2 and later
Information in this document applies to any platform.


Requester has the access to use another Requester's PCard without being a Proxy. 

A requester that has the authority to create requisition for a user but is not a proxy to that user's PCard, should not be able to access that user's PCard, but should be able create a requisition on behalf of the user.

The Proxy functionality should not be overridden by the Authority to create a requisition on behalf of another user in User Preferences.

The issue can be reproduced at will with the following steps:
1 - Create DEMOUSER profile
2 - Create requester setup for DEMOUSER
3 - DEMOUSER user preferences
4 - User VP5 is setup as an “Authorized Requester” for User DEMOUSER with the ability to Add, Update and Cancel requisitions on behalf of DEMOUSER
  (User Preferences > Define User Preferences > Procurement > Requisition Authorizations > Requesters User Authorization)
5 - VP5 is not setup as a Procurement Card Proxy on DEMOUSER’s procurement card (Pcard). Only DEMOUSER is setup as a proxy on the card
6 - Login as DEMOUSER
7 - Create epro requisition
8 - Login as VP5
9 - VP5 copying requisition created by DEMOUSER
10 - Card number should not be accessible to VP5 (not a proxy on DEMOUSER’s pcard)
11 - Was able to save the requisition.
According customer:
• Same scenario holds true when VP5 creates a new requisition on behalf of DEMOUSER
• VP5 is able to use DEMOUSER’s Pcard even though VP5 is not a proxy on DEMOUSER’s Pcard


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.