Applications Security

Get Involved. Join the Conversation.

Topic

    Bradley Hughes
    Release 12 - Security Console Challenges and Colleague...
    Topic posted April 26, 2017 by Bradley HughesSilver Trophy: 7,500+ Points, tagged Financials, HCM, Other, Procurement, Project Portfolio Management, Sales, SCM, Security, Tip 
    180 Views, 4 Comments
    Title:
    Release 12 - Security Console Challenges and Colleague Password Reset Queries
    Summary:
    Help to resolve password resets for colleagues that have no Email and now no security questions
    Content:

    Hello,

    After reviewing the functionality within the Security Console for R12, we have discovered there are now no Security Questions available. The only functionality we can see that allows a colleague to reset their forgotten password, will require a Work Email Address. If Colleagues have no Work Email address, they will have to contact the operation in order to reset their password.

    The colleague can then log into Fusion immediately, without being prompted to change their password after initial log in. The Employee can reset their password by 'set preferences' but this is a manual task.

    Is anybody aware of any available functionality that allows a user, without an email address in the system to reset their password? or any workarounds that will prevent a huge volume of calls to the operation, due to a high volume of colleagues having no Work Email address,

    Kind Regards,

    Brad

    Comment

     

    • Susmitha Devarapalli

      We are also having something similar issue.. especially with new hires account generation notification.

      Before release12 we used alternate email-address to send the new account username and pswd information. Then that email was fwd to HR manager of that employee. Now we have no way of communicating the username and initial pswd  if the emp doesn't have the email address.

       

      Thanks

      Susmitha

      • Juan Rendon

        Did you find any solution for this issue?

        • Bradley Hughes

          Hi Juan, 

          Unfortuantely not without some headache. We have rolled out a lot more business email accounts and in some cases HDL'd personal email accounts into the Security console in order to facilitate the initial user account generation process. We have also streamlined the process in order to prevent chaos within the operation, also taking into account the security access needed within the system. We created a role to grant password resets only, preventing role management by operational colleaguess. After assessing the process, the impact is not as big, and even though users can use personal emails to trigger password resets, there is still an operational aspect to a number of password resets.

          Kind Regards,

          Brad

    • Kishore Padala
      Fusion Applications Release 12 or higher offer a new feature called SCIM REST API that allows for security management and administration by using industry standard RESTful architecture.
       
      For more information refer to DOC :
      Fusion Security: Using SCIM REST API (Doc ID 2346455.1)
      Section : 11. Bulk Operations - a.   Bulk Password Reset