Grant permission for external services from SAP CRM
Service User
With the transaction SUIM you can search under roles, roles with different search criteria. The variant "Roles by complex selection criteria" covers all possible selection criteria. However, you can also search only for a specific selection criterion (e.g. only for transactions, only for authorization objects...).
For result and market segment accounting, you can define planning authorization objects, the information system, and item-based reports of the information system. In the customising (transaction SPRO), you create them via the following path and then select the corresponding section. Controlling > Income and market segment calculation > Tools > Permissions management > CO-PA specific eligibility objects.
Criticality
The SAP standard offers various ways to record and play on a massive scale. These tools are generally available for all operations in the SAP system, not just for role maintenance. Therefore, they are also more complex to operate, in order to be able to cover as flexibly as possible all possible application scenarios. eCATT is also no exception, so many users are still afraid to use it. But we can tell you from experience: After the second or third time, the creation of the test scripts is so quick that you'll wonder why you haven't always done it this way.
Documents: The documents in the audit structure describe the audit steps. You can create them in accordance with your audit requirements. You can recognise documents by the symbol. Double-click on this icon to open the document.
"Shortcut for SAP systems" is a tool that enables the assignment of authorizations even if the IdM system fails.
SAP Note 1707841 ships an extension to the system trace in the STAUTHTRACE transaction, which enables the permission trace to be used on all or on specific application servers.
To the individual fields then, as with ACTVT, the permissible options which are deposited at the field can be specified.