Integration

Get Involved. Join the Conversation.

Topic

    Manoj Bagul
    Roles for FUSION_APPS_ICS_APPID Integration user to connect...
    Topic posted November 14, 2017 by Manoj BagulRed Ribbon: 250+ Points, last edited November 20, 2017 
    127 Views, 8 Comments
    Title:
    Roles for FUSION_APPS_ICS_APPID Integration user to connect to sales cloud
    Summary:
    Roles for FUSION_APPS_ICS_APPID Integration user to connect to sales cloud
    Content:

    I am trying to connect sales cloud application through ICS using sales cloud adaptor.

    As per documentation (https://docs.oracle.com/en/cloud/paas/integration-cloud-service/icssc/prerequisites-creating-connection.html#GUID-8B3B9A5B-1390-4432-B17B-6976B0A1D74E) we need to provide below three roles/privileges.

    ALL_INTEGRATION_POINTS_ALL_DATA

    SOA Operator

    FND_MANAGE_CATALOG_SERVICE_PRIV

    I am not able to find "ALL_INTEGRATION_POINTS_ALL_DATA" role in security console.

    Please the documentation seems to be still refering to APM. From R12 security tasks are done via Security Console.

    Has anyone used ICS to connect to Sales cloud using sales cloud adaptor.  What roles were provided to integration user.

    Regards,

    Manoj

    Comment

     

    • VenkataAshok Amirineni

      I believe some of the roles are not available with Release12. This is what an engineer confirmed in an SR.

    • Manoj Bagul

      Yes, We also got the similar response saying "ALL_INTEGRATION_POINTS_ALL_DATA" is not available in R12.

      They pointed us to documentation which talks about integrating sales cloud and service cloud.

      Link:  https://docs.oracle.com/cloud/farel12/salescs_gs/FAIOS/FAIOS1767680.htm#FAIOS1919500

      We tried steps for integration user. However, problem is still not resolved.

      Regards,

      Manoj

    • Ravi Sankaran

      Hello,

      While we modify our official document on ALL_INTEGRATION_POINTS_ALL_DATA, please refer this blog on FA security roles for integration user put together by ICS CoE Architect: https://community.oracle.com/blogs/jack.desai/2017/11/14/oracle-integration-cloud-fusion-applications-security-requirements

      This is for cloud customers using FA R12 (and creating new integration user) and R13. Customers using existing integration user from R11 with ALL_INTEGRATION_POINTS_ALL_DATA and upgraded to R12 will continue to work. Though this role won't be visible in Security Console.

      thanks

      Ravi

    • Manoj Bagul

      Thanks Ravi. That was helpful.

      However, we are still not able to connect to Sales Cloud. Getting below error.

      Unable to test connection "MDM_PDH___DO_NOT_USE". [Cause: CASDK-0002]

          CASDK-0002: Unable to connect to Cloud Application. Please check if the URL https://<<POD>>.scm.us2.oraclecloud.com/soa-infra/PublicEvent/catalog is valid and accesible.

          java.net.ProtocolException: Server redirected too many times (20)

          Server redirected too many times (20)

      Seems ICS having issue with accessing SCM WSDL.

      I tried similar steps for Integration user to connect to different Sales cloud instance. It worked fine.

      I am following up with support through SR.

      Regards,

      Manoj

    • Manoj Bagul

      Hi Ravi,

      In R11 we used to create Oracle SR for creating CSF key for ICS integration.

      From R12 I believe we can create the CSF key through soacomposer url for respective domain (SCM/CRM). Is my understanding correct? Or do we have to raise SR for creating CSF key in R12 also.

      Regards,

      Manoj

    • Ravi Sankaran

      Yes. You are correct.

      From Release 12 onwards, SOA Composer provides a self-service capability for maintaining rhe CSF Key

      However, dep on when your POD was provisioned there might be a need for one time SR to enable SOA Composer for maintaining CSF Key

      Ravi

    • Vijay Guda

      This needs to be fixed on the sales cloud .

      Steps to be executed on sales cloud:

      In a browser window, enter the URL to the Oracle Access Manager .

      For example:

           https://hostname:port/oamconsole/

        1. Log in into oamconsole.

      2. In the left tab, navigate to Application Domains/soa/Resources

      3. Select "HTTP" for Resource Type and click search.

      4. In the list, select "/soa-infra/PublicEvent*" and click on the modify icon

      5. Change "Policy Level" value to be "Protected". Keep the default value of

      "Authentication Policy" which is "Policy using Basic Authn Scheme". Click

      "Apply"

      6) Repeat steps 4 and 5 for "/soa-infra/PublicEvent/...*"

    • Manoj Bagul

      Thanks Vijay.

      Oracle support confirmed that operations team performed some action ( they didn't mention which) at server on policy level. I believe they are same steps as you mentioned. This has resolved the issue.

      Regards,

      Manoj Bagul