3

Innovation Management
Administration: Lesson 3
User Accounts and Application Configuration

Copyright © 2017, Oracle and/or its affiliates. All rights reserved.

Lesson Objectives

After completing this lesson, you should be able to:

• Create user accounts
• Create custom roles

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3-2
Topics

• User Accounts
• Roles and Privileges

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3-3
Start an Implementation

• Use initial administrator user to create other user accounts

• Add key roles for user accounts:
– Employee (Ideas)
– Product Manager (Concepts, Proposals, Requirements)
– Product Portfolio Manager (Product Portfolios)
– IT Security Manager (Create/manage users and create/manage roles)
– Application Implementation Consultant (Perform implementation tasks)
• Configure objects and page attributes as needed

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3-4
Two Types of User Accounts

Application Users:
• Intended for users who will perform business operations in the application.
• Able to:
– Be Idea team member
– Be Proposal approver
– Be Concept team member and approver
– Be Requirements Specification team member and approver
– Be Requirement team member and approver
– Use Oracle Social Network (OSN)
Implementation Users:
• Intended for users who will implement and administer the application.
• Not able to be a team member or approver, or use OSN.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3-5
Innovation Management User Accounts

• To create application user accounts, use Setup task: Product Management > Users and
Security > Manage Users
• To create implementation user accounts, use the Security Console
• To apply roles to any user accounts, use the Security Console
• To access the Security Console, you must have the IT Security Manager role.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3-6
Create User Account Process Flow

Application User

Create User Add Roles Set Password

(Setup Task: (Security (Security
Manage Users) Console) Console)

Implementation User

Create User
Set Password Add Roles
(Security (Security
Console) Console)

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3-7
Create an Application User Account

• Open the Setup task: Product

Management > Users and Security >
Manage Users
• Click the Create User button.
• Fill in key information such as name
and email address.
• Starred fields are required.

• After creating the user account,

go to the Security Console to add
privilege roles.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3-8
Create an Implementation User Account

• Open the Security Console

• Click the Users tab
• Click the Add User Account button
• Fill in key information
such as name and
email address
• Starred fields are
required

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3-9
Assign Roles to User Accounts

• Open the Security Console

• Search for and open the user account
• Click the Edit button
• Click the Add Role
button to search for
and assign desired
roles

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 10

Important Roles

• Assign users the roles they need to effectively work in Innovation Management.
• Important roles include:

Role Title Enables

Product Manager Proposals, Concepts, Requirements
Product Portfolio Manager Portfolios
Product Design Manager Concepts, Concept Components, Requirements
Product Design Engineer Concept Components, Requirements
Employees Ideas

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 11

Oracle Project Portfolio Management Cloud

• Project Work Items relate other objects to a task

• They designate which object status completes the task
• Innovation Manage objects that apply:
– Requirements Specifications
– Concepts
– Proposals

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 12

Enabling Users for Projects

• To work with projects the user must first be added as an Enterprise Resource.
– Add the user through the Project Execution Management > Project Execution >
Manage Project Enterprise Resources task (Show All Tasks).
– Make sure to select the “Create from HCM person” check box and then select the
user from the HCM Person list.
– The user account must be an Application User not an Implementation User.
• To use Project Portfolio Management the user must have one of the following roles:
– Project Team Member: access to any tasks to which you are assigned
– Project Manager: access all projects that you have created
– Project Administrator: create and access projects
– Project Creator: create projects

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 13

Practice 3-1: Creating User Accounts

In this activity, you will perform the following:

• Navigate to the Manage Users task.
• Create an application user account
• Navigate to the Create Implementation Users task.
• Create an implementation user account.
• Add roles to each account.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 14

Topics

• User Accounts
• Roles and Privileges

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 15

Object Security

• The primary means of object security is through Teams.

• Although administrators can create custom roles that control access to objects in a
broad manner, doing so is complex and may have unintended outcomes.
• Implementers and administrators are encouraged to use the standard roles as much as
possible.
• Access to and use of objects is controlled by a
combination of roles and team assignment.
• A role provides privilege for an object type while
being added to a team provides access to a specific
object instance.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 16

Roles and Privileges

• Roles are assigned to user accounts.

• Functional Security Policies and Data Security Policies are assigned to roles.
– Functional Security Policies define an ability or privilege for an object.
– Data Security Policies define limits or conditions as to when a Functional Policy
applies.
• A role can inherit from another role.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 17

Roles and Privileges Diagram

Product Proposal Mgmt Role Product Design

Functional Privileges Engineer Role
•Accept Product Idea
•Manage Product Proposal
•Review Product Proposal
Data Security Concept Development Role
•Read, Update, Delete Functional Privileges
•Review Product Concept
Contains •Manage Product Component
Product Manager •Review Product Requirement
Data Security
Role
•Read, Update, Delete

Requirement Management Role

Functional Privileges
•Create Product Requirement
•Manage Product Requirement
•Review Product Requirement
Data Security
•Read, Update, Delete

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 18

Create or Modify Roles

• To create or modify a role use the Security Console.

• Use the Roles tab to create, review, modify, and compare roles.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 19

Create a Custom Role

• Create a role and the needed privilege entitlements.

• Assign the specific resource
condition to the role.
• Add a condition, if needed, to
the data security resource of
the object.
• Assigned roles are additive.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 20

Demonstration 3-2: Exploring a Role

In this demonstration, the instructor will review the Security Console and two roles.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 21

Practice 3-3: Creating a Custom Role

In this activity, you will perform the following:

• Navigate to the Security Console.
• Create a custom role that allows you to only work with a specific idea type.

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 22

Lesson Summary

After completing this lesson, you should have learned how to:
• Create user accounts
• Create custom roles

Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 3 - 23