Monday, February 22, 2016

Accessing Approval Management Engine (AME)

Accessing Approval Management Engine (AME)

Accessing Approval Management Engine (AME) is not possible as we access other responsibility / functions in Oracle Applications like Order Management / Application Developer etc.

AME is controlled by RBAC (Role Based Access Control). So in this case even you assign responsibility to the user but if user don't have the appropriate roles then you will not be able to access Approval Management functions.

There are two seeded responsibility for AME :-
  • Approvals Management Administrator
  • Approvals Management Business Analyst
Let's assign the responsibility directly to user and see what happens.

 Login with respective user.
Chose Approval Management Responsibility
You will receive below error.
With the screen shots above we can see that even though the responsibility is assigned to user while trying to access it, It says There is no valid navigation for this responsibility.

Accessing AME is two step process :-
  • Assign the required roles to the user : This will give user access to use Approval Management functions.
  • Grant access to respective AME transaction type : This will provide access to AME transaction type. If we don't perform this step then we will be able to access AME responsibility but will not be able to access any transaction types.
We have following seeded roles provided by Oracle that can be used to access AME.
  • Approvals Management Administrator
  • Approvals Management Business Analyst
  • Approvals Management Process Owner
  • Approvals Management System Administrator
  • Approvals Management System Viewer
Step -1 : Assign the Roles
  • Login with administrator sysadmin user.
  • Navigate to User Management -> User.
  • Enter User Name and click on Go to find the user.
  • Click on Update button
  • Click on Assign Roles button.
  • Search the role 'Approval Management Administrator' from LOV and select it.
  • Based on the role chosen you will see number of functions added under users roles.
Step -2 : Grant Access to Transaction Types
  • Login with administrator sysadmin user.
  • Navigate to Functional Administrator -> Grants -> Create Grants.
  • Enter a name and description for the Grant
  • Enter effective from date and optionally effective to date.
  • Select Grantee Type from Security Context region
    • All Users : The grant will be applied to all the users and all users will be given same right / privileges that is part of this grant. 
    • Group Of Users : The grant will be applied to users those are part of the group.
    • Specific User : Grant will be applicable of specific set of users that you select.
  • I have opted for specific user.
  • In addition to this you can also choose Operating Unit and Responsibility to make is more secure. Say you want to provide a user to AME access to US operating Unit only. In that case you can choose operating unit. If there is not such restriction required then leave it blank.
  • From Data Security region select an object. In our case it will be 'AME Transaction Types'
  • Click Next
  • In the Data Context Type select 'All Rows'.
  • Select 'AME Transaction Types' as permission set and click Next to review the setup.
  • Finish to complete.

No comments:

Post a Comment

How to improve blog performance

Improving the performance of a blog can involve a variety of strategies, including optimizing the website's technical infrastructure, im...