Authorizations in SAP S/4 HANA
Types of SAP Fiori Apps
•
Transactional Apps
•
Fact Sheet Apps
•
Analytical Apps
Greenfield Implementation steps
1. Workshops
2. Role matrix
3. Naming convention of Fiori objects Roles, Catalog, group,
space, pages
4. Best Practice for role design
5. Phase wise activates from Security
6. Custom Business Catalogs, Group and Roles
Create a New Launchpad and Application
•
Create and Assign a Transport Request
•
Create a New Catalog
•
Create New Target Mapping
•
Add a Static Tile
•
Create the Custom Role and Add the Catalog
•
Create custom group and how to transport the
fiori group
Custom Spaces, Pages and Section
•
How to create a custom space
•
Create the Custom Space
•
How to create a custom Pages
•
How to add the section in the page and add the
Fiori application in page
•
How to link Pages into the Space
•
How to add space in the role and how user can
access the spaces and pages
SU24 update for Fiori Application (Standard and custom Fiori
application)
SUIM – For finding Fiori catalog/group in which roles
Troubleshooting in S/4 HANA and Fiori applications
• SU53
• Stauthtrace
• /IWFND/ERROR_LOG (frontend system)
• /IWBEP/ERROR_LOG (Backend system)
• S_RFCACL access issue
• SLG1
• Browser debugging using F12
- Authorization Object S_SERVICE for OData in general (OData Service, TADIR IWSG, *)
- Transactions
- General maintenance roles, e.g. PFCG, SUIM, SU22, SU24, SU25, STAUTHTRACE ...
- /IWFND/MAINT_SERVICE
- /Ul2/FLPD_CUST Fiori Launchpad Designer (client-specific)
- /UI2/FLP SAP Fiori Launchpad o /Ul2/PAGE_BUILDER_PERS Odata service ( tcode to maintain service /IWFND/MAINT_SERVICE)
o
/UI2/PAGE_BUILDER_CONF Odata service
o
/UI2/PAGE_BUILDER_CUST Odata service
o
/UI2/TRANSPORT Odata service
o /UI2/INTEROP Odata service
•
SICF (Activity03- Display)
•
Authorization Object
•
S_RFCACL for Trusted Connections
•
S_SERVICE for OData in general (OData Service, TADIR IWSV, '')