Roles play a pivotal role in Oracle Identity Governance. They are used to define the access rights that an entity may have. A role may be associated with one or more access rights to Oracle Identity Manager functions. For example, a single role enables a user to create other Oracle Identity Manager user accounts and manage a specific organization. Roles determine the links and menus that are available to users when they log in to the console.
Roles are entities that are independent of organizations, capable of being assigned to multiple organizations, users, and to other roles.
Roles can be grouped into a category, organizing the roles for the purpose of navigation and authorization. Creating role categories also presents a cleaner and easier-to-navigate hierarchy if you are creating many roles.
Two categories exist by default in an out-of-the-box installation of Oracle
1) OIM Roles: The Oracle Identity Manager (OIM) Roles category contains the list of predefined roles that exist in Oracle Identity Manager by default. These roles are primarily used for managing permissions and access rights to menu items, links, and buttons in Oracle Identity Manager.
2) Default: Any roles created in Oracle Identity Manager that are not assigned to a category at the time of creation are assigned to the Default category by default.
Creating a role category is simple. Click the Create icon in the screenshot above, enter the details, and save it.
Now let's create a role with the OraWorldCorp role category.
I have left the Owned By field empty in the screenshot above. This searchable field enables you to assign the user ID for the user who should own this role. The role owner is a user who has permissions to view, modify, and delete the role without having to create custom authorization policies. If the Owned By field is not completed, the role is owned by the System Administrator administrative role automatically.
The new Role is now created with the new Role Category.