There are many scenarios where-in the technical developers would need production access to look into any issues for hcm extract runs/BI reports/some setup issues.
Security Administrator would have concerns on providing full access to the developers as there are chances that the developer could do some changes with or without knowledge as mostly the developers will have TECHADMIN or superuser access to do changes to HCM Extracts/BI Reports.
In order to overcome this, there is a nice feature to make the user read-only even though the user has administrator privileges.
Navigate to Setup and Maintenance and task “Manage Administrator Profile Values“
Search for profile Option Code – “FND_READ_ONLY_MODE“
If you want to make TESTUSER as read-only, we need to add a row under Profile Values and select the User Name and select the Profile Value as “Enabled” to make the user read-only. A banner message showing the information “You have read-only access to all applications. You cannot perform updates.” will come up when a read-only user logs in to the application.
If you want the user to have read-write access, then we need to update the profile value to “Disabled” and save.
Once you make the user read-only, the user will be able to see everything however the user cannot update any data/extracts.
If you have any questions, please feel free to reach out to me by posting in comments section.
If you are interested in learning Fusion Technical tools go through this post
If you liked the article, please share it with your friends/ colleagues/ teammates or anyone who might also benefit from it.