OBIEE Roles | Assigning Groups to Roles in OBIEE

Working with OBIEE Roles :

In my previous article, I explained the systematic process to create Users for Obiee. I explained how to assign those groups to specified user. OBIEE Roles are also very important, as there is direct relation between user and the role. Application roles and application policies used to provide the permissions to the specific user as well as user groups.

OBIEE Roles :

There are some default roles defined in Fusion middleware controller or you can say it as Enterprise manager to access BI folders, create and update analysis of OBIEE. There are following four default roles in OBIEE:

  1. BIAdministrator Role:

This is most important role of OBIEE, which has all the access of obiee application. The users with this role has access of all parts of the system, including modifying catalog permissions and privileges.

  1. BIAuthor Role:

The user with BIauthor role has access of creating analysis as well as dashboards. Most of the report developers who does not need access of Administrator activities are assigned with this role. The BIConsumer access will automatically granted when the user is assigned with BIAuthor role.

  1. BI Analyst:

The user with BI Analyst role has access of create analysis and view dashboard.The BI Consumer role is automatically assigned when BI Analyst role has been assigned to user.

  1. BI Consumer:

BIConsumer access is only the read only access, which can view the analysis and dashboard.



Different Roles in OBIEE Application :

If user wants to see the assigned roles then in OBIEE Analytics application user needs to go to following path:

Go to Username (Arrow) –> My Account

Oracle Fusion Middleware Application / Enterprise Manager:

To manage application roles and policies user needs to user Oracle Fusion Middleware Application or you can say it as Enterprise Manager.

Step 1: Go to Oracle Enterprise Manager by using following syntax

Https ://< Application Server Id>: Port / EM


Step 2:

Go to following path to check the roles

OBIEE 11 G :

Business Intelligence Instance –> Security –> Application Roles

Business Intelligence Instance–> Security–> Application Policies

For OBIEE 12 C :

Weblogic Domain –> Security–> Application Roles

Weblogic Domain–>Security–> Application Policies

Step 3:

To see the different roles in OBIEE user just need to select the application stripe and run to see the different roles used in OBIEE.

Step 4: Creating Application Roles

There are two methods of creating application roles

  1. Create New Option: Using create new option in Enterprise manager user can create different roles. User needs to add members (Groups) to roles later after creating the role.
  2. Copy Existing in OBIEE 11 G / Create Like in OBIEE 12 c : using this option user can create role by copying the existing role. The copy contains access of same members assigned to that user.

Step 5: Add Members for the Roles / Add Groups to the role

By clicking the add button in member option user will be able to add members of that role. This is also important step because most of time BI administrator failed to add the members to that roles.

Then after selecting members that members assigned to that role:

Using above steps the different groups has been assigned to the newly added roles.

Step 6 : Copy Role

Using create like option user can copy the same role with different name. There are so many scenarios in which user needs the same role but different names. In that case these role names are important.

Select any role from the list and click on OK. It will create the copy of that role with assigned members.

Step 7 : Delete Role

Using delete option administrator can delete any role.The role will delete with its members.


These are steps of creating roles and assigning groups to the role. Hope everyone like this article.Dont forget to share this article.