Hi Team,
I am using Oracle Apex cloud 23.2 version and Oracle cloud fusion applications. I am also using IDCS as IDP.
- To access Apex application from Fusion, sandbox link is available as Duty Role/Privilege and is assigned to required user.
- Fusion users will be assigned this sandbox custom role and One Fusion sync program is running to create one IDCS group for the users.
- Oracle Apex is SSO Authenticated with IDCS and authorized from the synced IDCS group.
I wanted to understand, for Data access security/policies where I am lagging from Fusion to Apex application in above steps, how can I make my Apex application more secure in this setup?
How can i take care additional steps below, if needed to apply:
- Data security policies implementation in between Fusion to Apex applications?
- If user is logged in to Apex app using sandbox link, should I need to check user identity, assigned role and policies again in Apex?
- If we are dealing with multiple business unit for Apex applications, how can I implement this from Fusion to Apex?
Please help me to understand security more in between Fusion to Apex using IDCS or these can be handled from user role directly?
Thanks,
Parul.