Maintain proposed values using trace evaluations
Check Profit Centre Permissions in FI
Many companies do not pay enough attention to the topic of authorizations in SAP SuccessFactors. It often seems too complex and confusing. Both the creation of a concept and the harmonization of existing structures often seem like a mammoth task. However, with role-based authorizations, SAP provides a very powerful control tool that remains clear with a little help and documentation.
Customising roles are temporary because of their project nature. Therefore, when assigning users, maintain the end date. You cannot also map transactions manually if you created a role directly from a project or project view. Conversely, you cannot use an existing transaction role in the menu as a customising role. The transactions associated with a customising role are not displayed in the Session Manager or the SAP Easy Access menu, but can only be viewed through the view in the customising.
Centrally review failed authorisation checks in transaction SU53
After these preparations, we now proceed to the expression of the User-Exit in the validation that has just been created. To do this, you copy the User-Exit definition in the created custom programme, specify a name for the User-Exit definition (e.g. UGALI) and create a new text element.
If you get into the situation that authorizations are required that were not considered in the role concept, "Shortcut for SAP systems" allows you to assign the complete authorization for the respective authorization object.
At "www.sap-corner.de" you will also find a lot of useful information on the subject of SAP authorizations.
For example, if your company has 100 sales organisations and 20 sales roles, you already have 2,000 role outlets.