Problem solve Get help with specific problems with your technologies, process and projects.

How do I add an authorization object to a transaction?

Matt Billingham, development expert, describes the methodology for adding an authorization object to an SAP transaction.

How do I add an authorization object to a transaction?

Example: For accepting incoming payments through F-28, I would like to restrict users in the field credit control area (KKBER). I added the object F_KNKA_KKB in the said transaction through SU22/SU24, and the same object also appears in PFCG, but in the actual transaction it does not control users.

I understand SU24/22 does not magically add the object. I have to do something more. But what?

In SE93, you can allocate an authorization object to a transaction. For authority checks beyond that, they are normally put into the program behind the transaction, by using the ABAP keyword AUTHORITY-CHECK.

For a standard SAP transaction, run the tx and do an authority trace to find out which authorization objects are touched. You may find the one that gives you what you need. Alternatively, there may be user exits available to add your own authority checks.

Finally, you could use field exits, but these should only be this used as a last resort since they are not being developed further by SAP.

Dig Deeper on SAP ABAP