Identity Governance detects users that hold all the permissions of a role, but it might not have assigned the role to the user. Primarily, fulfillers would assign technical roles to users based on access requests or Business Role authorizations. However, promoting detected roles to assigned roles gives administrators the ability to onboard any initial assignments.
Administrators can promote and assign technical roles to all detected users of a role who were not assigned the role. Additionally, they can choose specific detected users of a role and assign them the technical role.
To promote and assign technical roles to all detected users of a role:
Log in as a Global or Technical Roles Administrator.
Under Catalog, select Roles.
Select one or more roles from the list, then select Actions > Promote Detected to Assigned.
Add a comment and click Promote.
To promote and assign technical roles to specific detected users of a role:
Log in as a Global or Technical Roles Administrator.
Under Catalog, select Roles.
Add # Detected Users to the displayed columns.
Click on the number of detected users.
Select the users to assign.
Click Promote Detected to Assigned.
Add a comment and click Promote.