PeopleSoft Delivered Security Roles and Permissions

March 16, 2023 | 2 minute read
Greg Kelly
Product Strategy Director - Security
Text Size 100%:

This is a question which comes up occasionally.
One recent enquiry prompted this blog post. To find a list of delivered User ID’s, Roles, and Permission Lists.
 
MOS Document ID with links to understand scope of PeopleSoft Special Roles:
E-SEC: Is There a Comprehensive List Of "Special" Roles?
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2524423.1
Note from the MOS posting: “In short no there is no such list.”
 
However, to save you from trawling through PeopleBooks to find the information, we are providing this list. Please let me know if you have items which would be useful to include in a future updated posting, thanks.

PeopleSoft Administrator
https://docs.oracle.com/cd/F75887_01/pt860pbr2/eng/pt/tsec/UsingthePeopleSoftAdministratorRole-24775c.html

PeopleTools Web Server
PeopleTools Web Server role is only used for the delivered PTWEBSERVER user ID.

PeopleSoft User
https://docs.oracle.com/cd/F70249_01/pt860pbr1/eng/pt/tsec/UsingthePeopleSoftAdministratorRole-24775c.html

Portal Administrator
https://docs.oracle.com/cd/F70249_01/pt860pbr1/eng/pt/tprt/PortalRegistry-c071ee.html

ProcessSchedulerAdmin
https://docs.oracle.com/cd/F70249_01/pt860pbr1/eng/pt/tprs/GrantingaPeopleSoftProcessSchedulerSystemAdministrationRole-dc0776.html

ReportDistAdmin
https://docs.oracle.com/cd/F70249_01/pt860pbr1/eng/pt/tprs/AdministeringReportManager-c07146.html

ReportSuperUser
https://docs.oracle.com/cd/F70249_01/pt860pbr1/eng/pt/tprs/AdministeringReportManager-c07146.html

Security Administrator

The Security Administrator role has a single permission list : PTPT1100.
The PTPT1100 permission list grants access to a number of components.  These include components for configuration, system administration, user account management, and diagnostics.  Access is also granted to some client-side administrative and development tools, e.g. Application Designer and Data Mover.
 

Data Mover
https://docs.oracle.com/cd/F70249_01/pt860pbr1/eng/pt/tlcm/UnderstandingPeopleSoftDataMover-077b0a.html

Search Administrator
https://docs.oracle.com/cd/F75887_01/pt860pbr2/eng/pt/tpst/ApplyingPeopleSoftPermissions.html

PeopleTools    Link to Categories of PeopleTools and respective PeopleBooks: https://docs.oracle.com/cd/F70249_01/pt860pbr1/eng/pt/tgst/PeopleToolsProduct_FeaturePeopleBookIndex.html

Summary of Delivered Security Data
https://docs.oracle.com/cd/F75142_01/ps91pbr15/eng/ps/psad/SummaryofDeliveredSecurityData-527273.html

Additionally, this is the role query to find out what pages the role grants access to: PT_SEC_ROLE_PAGES
 You can clone and remove the role prompt from criteria and add the role list to get a list of which pages the roles give access.

Additionally, you can see how application security is set up here, there is some overlap:
Understanding PeopleSoft Security (HCM)
https://docs.oracle.com/cd/F75146_01/hcm92pbr45/eng/hcm/hhaf/UnderstandingPeopleSoftSecurity-e32979.html
- Understanding PeopleSoft Security
- Understanding Data Permission Security for HCM
- Implementing Data Permission Security
- Implementing Sensitive Data Masking
- Setting Up and Assigning Tree-Based Data Permission
- Assigning Role-Based Data Permission Security to Permission Lists
- Refreshing Security Join Tables
- Querying Data Permission Security
- Creating Data Permission Security for Managers
- Creating and Locking User IDs
- Setting Up Security for Local Functionality
- Modifying Data Permission Security

Understanding PeopleSoft Application Security (FSCM)
https://docs.oracle.com/cd/F72818_01/fscm92pbr46/eng/fscm/fspf/UnderstandingPeopleSoftApplicationSecurity-9f1518.html
- Understanding PeopleSoft Application Security
- Specifying System Security Options
- Defining Security Views
- Defining Row-Level Security
- Granting Access to Users
- Securing Advanced Queries

You can also review ELK Roles:
PeopleSoft Deployment Packages for Elasticsearch, Logstash, and Kibana Installation (PeopleSoft PeopleTools 8.60)
Search for:
Task 4-2-2: Verifying PeopleSoft Roles for All Installations
https://docs.oracle.com/cd/F71127_03/psft/pdf/PeopleSoft_Deployment_Packages_ELK_Installation_PeopleSoft_PeopleTools8.60_January2023.pdf

See also:

Security Administration Implementation
https://docs.oracle.com/cd/F75887_01/pt860pbr2/eng/pt/tsec/SecurityAdministrationImplementation-c07653.html

Scroll down to ...

Reviewing and Monitoring Your Security Implementation

"PeopleSoft provides a collection of predefined queries that enable you to review, monitor, and audit system access by user, role, and permission list so that you can detect discrepancies. ..."
 

Remember, please let me know if you have items which would be useful to include in a future updated posting, thanks.

Enjoy!
 

Greg Kelly

Product Strategy Director - Security

I joined PeopleSoft in 1998. In Oracle I am now with the PeopleTools Strategy team with responsibility for PeopleTools security, the security of PeopleSoft in the broader enterprise, Enterprise Manager plug-in for PeopleSoft, PeopleSoft Health Center, PeopleSoft Performance Monitor, PeopleSoft Data Archiving Manager and other bits and pieces!!


Previous Post

POW! Efficiently keep your PeopleSoft PUM images current with PAU

Guest Author | 5 min read

Next Post

Time to Say Good Bye to CKEditor 4 and Welcome CKEditor 5 in PeopleSoft HCM, FSCM and HR Helpdesk

Venkatesh Kotikalapudi | 2 min read
Resources for
Why Oracle
Learn
What's New
Contact Us