Basics SAP Authorizations including Fiori - Online Training
Error analysis for authorizations (part 1)
Authorization tools are a great help in designing a highly automated compliance management system that precisely fits the company's own requirements. The introduction of authorization tools takes some time, but should nevertheless be tackled by companies in order to increase efficiency in the long term and save costs at the same time.
Most client programmes are additions to the standard functionalities or variations of the same. Therefore, when you create your own programmes, you can follow the eligibility checks of the standard programmes or reuse the permissions checks used there.
Read the old state and match with the new data
When displaying or posting receipts in SAP Finance, are the standard eligibility checks insufficient? Use document validation, BTEs, or BAdIs for additional permission checks. The posting of documents, and often their display, is protected by standard permission checks; but they may not meet your requirements.
Manual addition of authorization objects to roles is sometimes necessary. However, the start authorizations for actions should be generated into the role exclusively via the role menu. For the following evaluations the table AGR_1251 is used, in which to the roles the authorization objects with their values are stored.
With "Shortcut for SAP systems" you can automate the assignment of roles after a go-live.
First, select the authorization object that you want to maintain.
You can use up to three hierarchies for entitlement award for cost centres and profit centres.