Problem solve Get help with specific problems with your technologies, process and projects.

Granting user access to cost centers through SAP authorization objects

A SearchSAP.com reader wants to know how to grant a user access to cost centers, as well as access to one cost element across all cost centers.

I need to give a user access to all cost elements within a cost center.

However, I also need to give them access to one cost element across all cost centers. This seems to negate the restrictions in the above role. How can I fix this?

This can be done easily. Object K_CCA CO-CCA: Gen. Authorizations for Cost Center Accounting have fields for cost center and cost element. Create two SAP authorization objects. In one, enter the single cost center where all cost elements are allowed in the cost center field and an * in the cost element field.

In the other authorization object, enter an * in the cost center field and the single cost element in the cost element field. SAP authorizations are never aggregated to determine whether a user can access data or not. They are tested one at a time using or logic. Just think of a key chain and that ever key in the key chain is tested in the lock one at a time.

Dig Deeper on SAP security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.