A simple blogpost, but this situation occured in our environment. In our case the project team woud like to support the releases and user acceptance tests (UAT) better and requested access to the Acceptance environment. The purpose was having read-only access to the SCA composite instances for the Oracle BPM/SOA developers.
So after checking the Oracle Enterprise Manager Roles section in the Oracle Fusion Middleware Administrators Guide we discovered that this was actually quite simple to arrange in Oracle Enterprise Manager.
First the user must be a member of the Monitor group in Weblogic to be able to login to the Enterprise Manager console.
After that the admin must make sure that the Weblogic Monitors group is a member of the SOAMonitor Role in Enterprise Manager. This can be arranged by right-click soa-infra -> Security -> Application Roles
Search for all the roles by clicking on the play button, selecting SOAMonitor, edit and adding the group there.