Auto-Provision Rules in Oracle CLOUD ERP

In Oracle Fusion applications, auto-provision rules are used to assign roles to users automatically based on certain criteria.

Auto-provisioning is an automatic allocation or removal of user roles. It occurs for individual users when you create or update an assignment. You can also apply auto-provisioning explicitly for the enterprise using auto-provision roles for all users’ processes.

Let us create auto-provision rule and assigned to user:

Navigate to Setup and Maintenance — — -> Manage Role Provisioning Rules.

Click on + icon to create new role mapping.

Here we can give different conditions based on which we can create mapping. It will assign roles to the user automatically when the condition gets satisfied.

Let us create sample role mapping with some condition.

Example,

Let us create role mapping with below conditions:

1. Legal Employer=”US LEGAL ENTITY”
2. Business Unit =”US1 Business Unit”
3. System Person Type =” Employee”
4. Job=”IT Analysts”
5. Department:” Marketing Department”

When a user is created with the above conditions, we will assign certain rules to that user.

Click on + icon under “Associated Roles”.

Here we added two seeded roles “Accounts Receivable Manager” and “Accounts Payable Manager”.

Enable check box — Auto provision.

Click on Save and Close.

Click on Ok.

Here we can see, Role Mapping is created now.

Now let us create a new user with System Person Type as Employee.

Navigate to Manage Users.

Click on + icon.

It will open User creation page.

Here, provide all details which we used in condition while creating mapping rule.

Click on “Auto provision Rules”

Two roles which we added in mapping rule are automatically assigned to this user using Auto provision.

Click on Save and Close.

Let us validate same from user Account screen.

Navigate to Tools →Security Console — -> Users.

Here we have generated roles automatically by clicking on “Auto provision” button. For multiple users, it is not possible. Hence, we have ESS job “Auto provision Roles for All Users”.

Usually, these requests are scheduled in production.