Oracle HCM Cloud has Location Based Access Control, which an excellent feature to control user access to tasks & data based on their roles and IP addresses. We will discuss LBAC in details in a separate article but at first let’s understand how to enable this feature. You do need IT Security Manager role to access the security console. To avoid any incorrect setup, by default LBAC is neither enabled nor visible.
Security Console -> Administration Tab : location based access control page is hidden.
You need to update "Enable Access to Location Based Access Control" profile option via FSM. Navigate to Setup and Maintenance > Manage Administrator Profile Values and set the profile value to Yes at the site level.
There is no system bounce or sign-out necessary. Simply go back to the security console now and you should be able to access setup pages to configure LBAC.
To disable location based access, deselect the Enable Location Based Access check box. The existing IP addresses remain in a read-only state so that you can reuse the same information when you enable the functionality again. At that point, you can add or remove IP addresses based on your need.
My favorite section for sure! As a security admin you need to have an action plan in place incase one of your engineers does the incorrect setup (which may prevent you from using your IT Security Manager Role). Please review following steps and you can easily recover without any panic.
Make sure you have an admin user with the following privileges (IT Security Manager role will have these privileges):
Good luck with your implementation...