Supplier Management

Get Involved. Join the Conversation.

Topic

    Hong Gao
    Location Based Access Control (LBAC) for Supplier...
    Topic posted March 29, 2019 by Hong GaoGold Medal: 3,500+ Points, tagged Security, Tip 
    323 Views
    Title:
    Location Based Access Control (LBAC) for Supplier Portal Users
    Summary:
    Tips on using Location Based Access Control for Supplier Portal Users
    Content:

    You can use location based access to control user access to tasks and data based on their roles and the IP addresses of the computers from where they're signed in. This is particularly useful when you have supplier facing application like Supplier Portal deployed.  To achieve better security control, you want your internal users to have unrestricted access to tasks or features only when they're signed into the application from internal/corporate network. While for external users like supplier users, you want to restrict access to the application when users sign in from a public network to access supplier facing application like Supplier Portal.

    Here are the few steps to set this up for supplier portal users:

    • follow the instructions in the following document to enable Location Based Access Control for your application and add the identified IP addresses in the IP Address Whitelist
      LBAC - Steps to Enable / ENABLING LOCATION BASED ACCESS
    • identify the supplier facing roles that user can access from a public network.  Application provides a list of supplier facing job roles out of the box.  Based on your business need, you can identify the roles that can access tasks and data from a public network.  For example, you may want to encourage self service invoicing through supplier portal collaboration.  In this case, you decide to allow supplier users who have Supplier Accounts Receivable Specialist role to perform the tasks from Supplier Portal in the public network. 
    • follow the instruction in the following document and check the box for "Enable Role for Access from All IP Addresses" for the Supplier Accounts Receivable Specialist role.
      LBAC - Steps to Enable / ENABLING UNRESTRICTED ACCESS TO SPECIFIC ROLES

    Once these steps are completed, supplier portal users with the role Supplier Accounts Receivable Specialist will be able to manage self service invoicing from a public network. To extend supplier portal collaboration, you can follow these steps to make other supplier facing job roles public so that users with those roles can perform the related tasks and access data from public IP addresses.

    Please refer to the following links for more information on using LBAC:

    https://cloudcustomerconnect.oracle.com/posts/fdedd888ac

    https://docs.oracle.com/en/cloud/saas/global-human-resources/19a/ochus/managing-location-based-access.html#OCHUS3272236