Authorities for Fiori Apps and SAP MyInbox integration
The access to the back-end services of ProNovia Fiori Apps are protected by the SAP default authorization object for ODATA Services (S_SERVICE).
The following fields and values are being checked. For details please refer to the SAP authorization object documentation.
In case of Gateway Hub Systems, this authorization must be assigned in the back-end system.
Field | Value |
---|---|
Type | TADIR Service |
PgId | R3TR |
Object Type | IWSV |
Object Name | BPF My Inbox integration:
BPF Dashboard and Process List:
DMC Explorer:
LDB Dashboard:
|
In case of Gateway Hub Systems, the authorization must be assigned in the front-end system.
Field | Value |
---|---|
Type | TADIR Service |
PgId | R3TR |
Object Type | IWSG |
Object Name | <technical service name>_<service version 4 digits with leading zeros> (use available Value Help). The name depends on the prefix used during service activation.
BPF Dashboard and Process List:
DMC Explorer:
LDB Dashboard:
|
Please keep in mind, that any user using any SAP ODATA Service in a non local deployment scenario (call via RFC) need proper backend authorizations for the Gateway RFC Interface. Please refer to the SAP NetWeaver Gateway Foundation Security Guide for more Information on your landscape setup. The user should have at least the following authorizations for the authorization object S_RFC:
Field | Value |
---|---|
Type of RFC object to which access is to be allowed | FUGR (Function group) |
Name (Whitelist) of RFC object to which access is allowed | /IWBEP/FGR_MGW_CLIENT_IF |
Activity | 16 (Execute) |
© ProNovia AG | Imprint | Data Protection