Privileges for using ArcGIS with an Oracle database

Privileges determine what a user is authorized to do with the data and the database. Assign privileges based on the type of work the person does within the organization.

As an Oracle database administrator, you create roles based on what users need to do in the database, grant privileges to the roles, and add the appropriate users to each role. This topic lists the minimum required privileges for common types of database users for which you would create roles: data viewers, data editors, and data creators.

Note that these privileges apply to using ArcGIS with an Oracle database. If you need to know the privileges required to use a geodatabase in Oracle, see Privileges for geodatabases in Oracle.

The following table lists three groups of users and the minimum privileges they require to query, edit, or create data from ArcGIS.

Type of userRequired privilegesPurpose

Data viewer

CREATE SESSION

This privilege allows users to connect to the database.

SELECT on other users' tables

Data viewers need select privileges on specific tables you want them to see and query.

Data editor*

Data editors require the same privileges as data viewers, plus these additional privileges.

INSERT, UPDATE, DELETE on other users' tables

Grant the editing operations you want editors to perform on specific tables.

Data creator

CREATE SESSION

This privilege allows users to connect to the database.

  • CREATE SEQUENCE
  • CREATE TABLE
  • CREATE TRIGGER

These privileges allow data creators to create tables and feature classes in the database, and populate ObjectID fields.

*To edit data, publish editable feature service layers that reference the data in your Oracle database.

If data creators will be creating views to restrict the amount of data returned to the ArcGIS client from the database, also grant them CREATE VIEW and DROP VIEW privileges.