In Identity Cloud you can configure and manage the permissions that a user has for your applications using roles. Roles are a set of Identity Cloud application Permissions, used to define the rights of a user.
See a detailed description of how permissions, applications, roles, and users are connected under Permission concept
On the Permissions tab of an application, you can configure permissions and their attributes. The administrator can:
The number of permissions for an application is limited to
Deleted permissions are removed from roles
If you delete a permission from an application, then the permission is also removed from all roles it is assigned to.