As an administrator, you use roles to create and manage the records of a collection of users to whom you want to permit access to common functionality, such as access rights, roles, or permissions.

Roles can be independent of an organization, span multiple organizations, or contain users from a single organization.

Using roles, you can:

– View the menu items that the users can access through Oracle Identity Manager Administration Web interface.
– Assign users to roles.
– Assign a role to a parent role
– Designate status to the users so that they can specify defined responses for process tasks.
– Modify permissions on data objects.
– Designate role administrators to perform actions on roles, such as enabling members of another role to assign users to the current role, revoke members from current role and so on.
– Designate provisioning policies for a role. These policies determine if a resource object is to be provisioned to or requested for a member of the role.
– Assign or remove membership rules to or from the role. These rules determine which users can be assigned/removed as direct membership to/from the role

Read more at – Oracle Identity Manager Role Management With API