Which statement is true about applying security to Subject Areas in FAW?

• A. Access to Subject Areas is controlled solely by external identity provider and cannot be overridden in FAW.
• B. You can only manage access to Subject Areas via out-of-the-box roles.
• C. You must always use Oracle Support to modify subject area security.
• D. You modify security via application duty roles and security configurations in Semantic Model Extension.

Answer: (D)

Subject Area security in FAW is enforced at the semantic model level, so access is controlled by application duty roles and security configurations defined in the Semantic Model Extension. Authentication might come from an external identity provider, but the authorization to view specific Subject Areas is determined by the roles you assign and the policies you configure in the SME. This setup lets you tailor who can see which Subject Areas without changing the IdP, and you can define custom duty roles beyond any built-in options. By adjusting the application duty roles and the security configurations in the Semantic Model Extension, you implement precise, maintainable access control for Subject Areas.