My Oracle Support Banner

EEX 9.2: Delegate User With Only Edit Access At the Authorize Expense Users Component Can Still Submit A Travel Authorization On Behalf Of Employee (Doc ID 2276965.1)

Last updated on APRIL 10, 2019

Applies to:

PeopleSoft Enterprise FIN Expenses - Version 9.2 to 9.2 [Release 9]
Information in this document applies to any platform.



At the Authorize Expense Users - Employee page (EX_USR_EE_AUTH2), a Proxy/Delegate has been authorized to Edit an Employee's Expense transactions. As such, PeopleBooks states the following:

   + Authorization Level - Use the following options to set authorization level for the employee and the selected user ID:
      a.- Edit: Allow an authorized user to view, create, and edit a transaction for the employee. When this option is selected, the Submit button is unavailable for all expenses-relation transactions.
      b.- Edit & Submit: Allow an authorized user to view, create, delete, cancel, edit, and submit all expense-related transaction for the employee.
      c.- View: Allow an authorized user to view only the transactions created by an employee. If this authorization level is selected, the Employee ID field in the Created/Modify search page and in the My Wallet page is rendered unsearchable. Additionally, the Save and the Add buttons are unavailable to prevent the employee from deleting, modifying existing transactions or adding new transactions.

Give the above functionality design, a User with Edit access only should be able to create/update/view Expense transactions. However, it has been detected that while such Proxy/Delegate User can only create and edit Expense Reports, Time Reports, and Cash Advances, the system allows him/her to not only create new and view/update existing Travel Authorizations, but also submit them for approval.


     1.- Log into the FSCM Online Application as User ID VP1
     2.- Navigate to: Travel and Expenses > Manage Expenses Security > Authorize Expense Users
     3.- Open existing Employee ID KU0021
     4.- Add a new row listing User ID VP1, and selecting the option 'Edit' on the Authorization level
     5.- Save the changes
     6.- Navigate to: Employee Self-Service > Travel and Expense Center > Travel Authorizations > Create/Modify
     7.- Define Employee ID KU0021
     8.- Click on the ADD Button
     9.- Enter all the needed values to create a brand new Travel Authorization
     10.- Click on Save For Later, to save the new transaction
     11.- Continue by clicking on the 'Summary and Submit' link
     12.- Select the required check-box to un-gray the 'Submit Travel Authorization' button
     13.- Submit the Travel Authorization for approvals

To gather more information concerning this scenario and its related problem, refer to the available Replication Steps Word Document here linked containing the complete configuration and the replication steps necessary to reproduce the issue.


The Travel Authorization is routed to the approval levels required, and placed in 'Submitted For Approval' status, with the Submitted By listing User ID VP1. This User does not have access to submit expense transactions on behalf of this Employee, which causes problems with auditing.


According to PeopleBooks, if an Authorized Expenses User only have an Authorization Level of Edit, submission of any Expenses transactions on behalf of that Employee should not be allowed by the system.


NOTE: In the  attached document, user details / company name / address / email / telephone number represent a fictitious sample (based upon made up data used in the Oracle Demo Vision instance).  Any similarity to actual persons, living or dead, is purely coincidental and not intended in any manner.





To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.