Before You Begin
This 20-minute tutorial shows you how to manage user roles using the userAccounts REST API.
Before you begin, you should have access to a user whose account you can modify who has at lease one role that you can delete.
Query a User Account by User Name
If you completed the Manage User Accounts tutorial, this exercise is completed. You may need to modify the Username in the parameter, but you can simply re-run the Query Account by User Name REST call.
Add a request to ##_UserAccountsCollection.
- Give the request the name Query Account by User Name.
- Click Save to ##_UserAccountsCollection.
- Specify the method as GET.
Enter the url:
Note:Replace UserName in the URL with the user name of the user whose account you are accessing.
{{url}}/hcmRestApi/resources/11.13.18.05/userAccounts?q=Username = 'john.b.doe@example.com'
Give the request the following headers:
Note: Headers can be saved in presets in postman for reuse.
Key Value REST-Framework-Version 4 Click Send.
The response should be 200 OK.
- Click Save.
View the Assigned Roles
In the response for Query Account by User Name click the collection link for the userAccountRoles.
- Click Save As and give the request the name View the Assigned Roles.
- Click Save to ##_UserAccountsCollection.
Click Send.
The response should be 200 OK.
- Click Save.
Revoke a Role
In the response for View the Assigned Roles click the self link for the userAccountRoles item you will delete.
- Click Save As and give the request the name Revoke a Role Access.
- Click Save to ##_UserAccountsCollection.
- Specify the method as DELETE.
Give the request the following headers:
Note: Headers can be saved in presets in postman for reuse.
Key Value REST-Framework-Version 4 Content-Type application/vnd.oracle.adf.resourceitem+json Click Send.
The response should be 204 No Content.
- Click Save.
Assign a New Role to a User Account
Get Role Id
Create a new request called Get Role Id.
- Click Save to ##_UserAccountsCollection.
- Specify the method as GET.
Enter the url:
Note:Replace RoleCode in the URL with the role code of the data role you created in the Get Started with User Accounts REST API - Authorization tutorial. If you would like to use a different role, ensure it is assignable via the role provisioning rules.
{{url}}/hcmRestApi/resources/latest/rolesLOV?q=RoleCode = '##_HUMAN_CAPITAL_MANAGEMENT_INTEGRATION_SPECIALIST_JOB_ALL_DATA'
Give the request the following headers:
Note: Headers can be saved in presets in postman for reuse.
Key Value REST-Framework-Version 4 Click Send.
The response should be 200 OK.
- Click Save.
- Copy the RoleId.
Assign a Role to a User Account
In the response for Query Account by User Name click the collection link for the userAccountRoles.
- Give the request the name Assign a Role to a User Account.
- Click Save to ##_UserAccountsCollection.
- Specify the method as POST.
Give the request the following headers:
Note: Headers can be saved in presets in postman for reuse.
Key Value Content-Type application/vnd.oracle.adf.resourceitem+json REST-Framework-Version 4 Add the request body. None is selected by default, raw must be used to add content.
Value replacements will need to be made in the body for your person id and user name.
Request Body:
{ "RoleId": "123456" }
Click Send.
The response should be 201 Created.
- Click Save.
Want to Learn More?
- HR Integrations Forum
- REST API for Oracle HCM Cloud: Quick Start
- REST API for Oracle HCM Cloud: Manage User Accounts
- REST API for Oracle HCM Cloud: Manage User Account Roles
- REST API for Oracle HCM Cloud: User Accounts
- Application Security Forum
- An Introduction to HCM Security in the Cloud
- Oracle University: Oracle HCM Cloud Security
- Idea Lab – HR Integration, Security, & Updates