Security
Omada Identity Cloud restrictions
For the Omada Identity Cloud the Omada Provisioning Service (OPS) doesn't have access to the Platform administrator user group. Requesting those resources or including them in assignment policy will result in an OPS error. To avoid this issue remove the assignments and assignments policies directly related with Platform administrator user group and archive failed provisioning jobs.
Firefighter
The Governance for Omada Identity feature has a capability to lockout all users. As a failsafe mechanism, it is advised to configure a desired state for at least one system administrator account.
Have at least one personal administrator account that can request and approve access to the Omada Identity Account resource and to the System Administrator resource.
In a situation where a system administrator account is deleted or locked out, it can be restored by a request to the Omada helpdesk.