Oracle-Enhances-HCM-Data-Loader- 23C-and-23D Updates

Oracle Enhances HCM Data Loader- 23C and 23D Updates

The document covers two relevant tasks required to provide controlled access to the users for HCM Data Loader.

1. Scenario 1: To create a custom role to access the HCM Data Loading Functionality as introduced in 23C.

2. Scenario 2: Restricted Access to HCM Data Loader based on Business Objects as introduced in 23D.


Scenario 1: Creation of a custom role to access HCM Data Loading Functionality


To give privilege to a user to access HCM data Loader functionality, the predefined role Human Capital Management Integration Specialist could be given. However, this role has extreme potency which exposes the user to access multiple other features including HCM extracts and HDL Spread Sheet Loader even if it is not required. So, to restrict the access solely to HCM Data Loader, Oracle has newly introduced a duty role HCM Data Load in 23C. User assigned with this role could be given access exclusively to HCM data loading functionality under the ‘Data Exchange’ functional Area.


  • Step 1: Create a custom job role to provide access to HCM Data Load


To create a custom role:

a) Navigate to the Home page> Tools> Security Console> Roles> Select an already existing role/Create a custom job role.



Fig.1: Scenario1-HCM role creation


b) In the function Security Policy, add the privilege ‘Load HCM Security Data’ if the business object to be loaded is security related such as Areas of Responsibility, Person/Organization security profile, and so on. Click on next to continue.



Fig.2: Scenario1-HCM role creation


c) Navigating to the role hierarchy


Add the roles below:

Role Hierarchy
To Access
HCM Data Load Tasks within the HDL work area
Submit data for importing via file-based integration for Human Capital Management HCM/Dataloader/(Import/Export)directory in WebCenter Content server
HCM/Dataloader/(Import/Export)directory in WebCenter Content server



Fig.3: Scenario1-HCM role creation


d) Click ‘Next’ to save the role.


  • Step 2: Assign a user with the custom role and schedule the relevant processes.

Navigate to Home page> Tools> Security Console> Users> Select a user>Add Role>Done


scenario1-HCM role assigning to user

Fig.4: Scenario1-HCM role assigning to user


  • Step 3: Validating the result

Login as the new user. Navigate to My Client Groups> Data Exchange to view the HDL functionalities.



Fig.5: Scenario1-validating result



Fig.6: Scenario1-validating result


The User can solely access the HDL functional area with full accessibility to view and load the data for all the business objects. The role hence imposes limits on other features in the ‘Data Exchange’ service.


Business Benefits

  • The oracle-delivered roles such as Human Capital Management Integration Specialist have extreme potency which exposes the user to access multiple functionalities, which can be restricted using the feature.
  • HCM data loading is a significant choice when dealing with deleting bulk data from the system which is not possible through other options such as HSDL.



  • The functionality allows the implementor to a wide access to the entire HCM data loader functionality.


Scenario 2: Restricted Access to HCM Data Loader Based on Business Objects

Oracle has introduced a new feature in 23D to restrict HDL data loading by business objects. Upon configuring this, the user would not have the privilege to load the business objects which are restricted to the role assigned to him.


  • Step 1: Create a custom role with access to HCM Data Loader under the My Client Groups.

To achieve this, follow step 1 in Scenario 1 (eg: Custom Role Name: ‘aa_HCM DATA LOAD_RESTRICTED CUSTOM ROLE’)

  • Step 2: Configure the HCM Data Loader to override the default functional HDL settings.

To perform this step, navigate to Setup and Maintenance> Functional Area: HCM data Loader> Configure HCM Data Loader>Navigate to the following Parameters:


a) Enable Configuration of Role-Based Business Object Access> Override the default value by choosing ‘Yes’.

b) Restrict Access to Security Related Business Objects > Set the Override value to ‘Yes’.

Note: This is required only if the access ought to be given for security-related business objects.



Fig.7: Scenario2-HDL restriction activation


  • Step 3: Provide HCM Data Load access

The configuration could proceed a) By Role and b) By Business Objects. Note that both the method results in the same outcome.


scenario2-HDL restriction activation

Fig.8: Scenario2-HDL restriction activation


Step 3 (a): Provide HCM Data Load access ‘By Role’

Navigate to Setup and Maintenance>HCM Data Loader Business Object Access>By Role. Under Job and Abstract Role >Navigate to the created custom role eg: ’aa_HCM DATA LOAD_RESTRICTED CUSTOM ROLE’ > Assigned Business Object> Assign.


1. To assign selected business objects:

Assign Individual Business Objects>Search and select the business object (eg: Worker) >Save and close.



Fig.9: Scenario2-HDL restriction by business object


Note: For the current example, the option ‘Assign individual business Object’ is utilized. The business object ‘Worker’ is selected. The employee assigned to this role will have the privilege to upload only worker business objects.


2. To assign Business objects from the selected product area
  • Assign All Business Objects in a Product Area>Search and select the Product Area eg: Global HR -Person >Save and close.


scenario2-HDL restriction by product area

Fig.10: Scenario2-HDL restriction by product area


  • The user assigned with the role can load all the business objects under the product area.


3. To Assign All Business Objects, restricting the security-related business objects

Assign All Unrestricted Business Objects> Warning message pops up> Add >Save and close.


scenario2-HDLall-unrestricted-business objects

Fig.11: Scenario2-HDLall unrestricted business objects


4. To Assign All Business Objects, Including Security-Related Objects

Assign All Business Objects, Including Security-Related Objects > Warning message pops up> Add >Save and close.

Note: To load security-related business objects, it is required to add the function security policy ‘Load HCM Security Data’ while creating the custom role in Scenario 1.



Fig.12: Scenario2-HDL all security-related business objects


Step 3 b) Provide HCM Data Load access ‘By Business Object’

  • Navigate to Setup and Maintenance>HCM Data Loader Business Object Access>By Business Object.



Fig.13: Scenario2-HDL based on business objects


  • Under ‘business object’, search and select business object names (eg: Worker). Under ‘Assigned roles’ > + > Search and select the custom role> Save and close



Fig.14: Scenario2-assigning to user


  • Step 4: Assign the custom role to the user.

Navigate to Home page> Tools> Security Console> Users> Select a user> Add role> Done


scenario2-HDLselecting business objects

Fig.15: Scenario2-HDLselecting business objects


  • Step 5: Validating the results

Log in as the user to the home page. Navigate to My Client Group> Data Exchange> View Business Objects> Download the template. DAT file. Under My Client Group> Data Exchange> Import and Load Data> Import File> Try to load multiple business objects. eg: ‘Grade’ and ‘Worker’.



Fig.16: Scenario2-Loading Business object through HDL


Upon loading, the ‘worker’ completes import and load. However, ‘Grade’ shows a warning message and fails to import. An error appears in the data set stating the User does not possess the required privilege to load this business object.


scenario2-validating the result

Fig.17: Scenario2-validating the result


Business Benefits

  • It allows restrictions to users for using HDL based on various factors such as product area/security objects depending on the roles the employee holds.
  • Upon giving the restricted access, the user can be given the privilege to upload the data for various business objects that are currently restricted under HCM Spreadsheet Data Load.



  • As the feature foundation is completely based on roles, there lacks the flexibility to restrict access for multiple users with the same role.



In conclusion, implementing controlled access to the HCM Data Loader via custom roles and business object restrictions provides significant advantages for organizations using Oracle’s HCM platform. This structured approach enhances security and operational efficiency by tailoring access permissions, ensuring users interact only with essential functionalities aligned with their roles. By creating custom roles and configuring access based on business objects, organizations can mitigate risks associated with unauthorized access while streamlining processes. However, it’s crucial to acknowledge limitations such as potential challenges in nuanced access permissions for similar roles and complexity in managing configurations at scale. Despite these challenges, continuous evaluation and refinement of access control mechanisms enable organizations to maintain a robust and secure HCM environment tailored to their evolving needs.


Author: Reshma P Eldho, Associate Oracle HCM Consultant

Oracle HCM Cloud

Implement, Enhance, Update & Support Oracle HCM at Zero Cost!

Read More