Authority administrators use Authority Manager to grant Oracle Business Intelligence (OBI) financial-reporting privileges to faculty, staff, and students who need access to Stanford financial data and reports. When granting or updating access, administrators must select the privilege type, define the organizational scope, set data-access limits, and assign relevant subject areas. Learn more in the Topic Overview: Financial System and Reporting Authority and the System: Authority Manager.
Grant OBI Finance Reporting Authority
Before You Start
Required authority:
- You must have the specific privilege you want to grant with "Grantable" checked in your own authority profile
- For example, to grant Report Viewer Salary Data for an organization, you must have Report Viewer Salary Data for that organization as grantable
Important limitations to understand:
- Grantable Ad Hoc privileges do not provide the ability to grant Report Viewer access (no inheritance)
- You may only grant authority at the same or more restrictive scope and limits than your own
- Grantable privilege is not inherited—if you have grantable Salary Data access, you can only grant Salary Data, not Basic or Timecard access
Alternative option:
- If you lack appropriate grantable authority, use the Request Authority tile in Authority Manager to request an action and route it to the lowest level grantor for approval
- Enter authority.stanford.edu in the browser
- Log in using SUNet ID and password
- Select the Grant Authority tile on the Home page
- Begin entering a SUNet ID or a Name in the search field
A list of viable options will display. Refine the search as needed to find the correct person.
- Select the employee's name from the search results
- Under Enterprise Reporting/Financial Reporting select a privilege to grant
| Privilege | Capability |
|---|---|
| Report Viewer |
|
| Intermediate Ad Hoc User |
|
If a user already has the Report Viewer privilege for multiple organizations/awards/projects, adding one Ad Hoc grant will apply Ad Hoc capabilities to all previous grants.
- Enter an Org Name or 4-character Org Code in the search field
- Review the displayed Organization Hierarchy starting at the lowest level
- Select the appropriate organization:
- Leaf organizations (marked with leaf symbol): Enable specific Project/Task or Award selection
- Higher-level organizations: Include all child organizations but lose specific Project/Task/Award selection capability
- Choose one scope option for the privilege:
All Projects and Awards:
Provides access to all projects and awards owned by the selected organization and its children
Specific Project(s)/Task(s):
Available only for leaf organizations
Select from the displayed list of Projects/Tasks for the specified organization
Cannot be granted at parent organization levels
Specific Award(s):
Available only for leaf organizations
Select from the displayed list of Awards for the specified organization
Cannot be granted at parent organization levels
Specific Principal Owner(s):
Select from faculty listed as principal owners under the scope organization
Grantee will see all PTAs owned by the selected principal owner regardless of organizational scope
The list displays faculty who are a principal owner of a PTA under the scope org
- Select one or more data access levels (higher levels inherit lower-level access):
| Data Access | Description |
| Basic Data |
|
| Timecard Data |
Basic Data limits are inherited. |
| Salary Data |
Timecard Data and Basic Data limits are inherited. |
Select each data access level individually if providing grantable privilege. A user with grantable Salary Data can only grant Salary Data access, not Basic or Timecard access.
Additional options exist for central office use only.
- Select one or more Subject Areas:
| Subject Area | Description |
|---|---|
| Payroll and Labor |
|
| Funds and Expenditures |
|
| Reference Data and Inquiry Only |
|
- Select the appropriate grantor setting:
- Can grant the privilege to others
- Cannot grant the privilege to others
- Can Only grant the privilege to others (restricts to granting only)
For grantable privileges, select each data access level individually to ensure ability to grant each of them.
- Select an Effective Start Date of today or up to 60 days in the future
- Select an Expiration Date, if appropriate
- By default, privilege expires on the day of termination
- Enter Comments, if appropriate
- Select Grant Authority
- Privileges are enabled when:
- All prerequisites are recorded as complete in STARS
- An overnight update has run
- The system sending the employee reminder emails until the Confidentiality Agreement prerequisite is completed
- If any prerequisites remain incomplete after 300 days, the authority becomes stuck and requires revocation and regranting before it can become active
- To revoke or update authority grants, refer to Authority Manager.