SAP S/4HANA - How To Create and Generate Backend Security Authorizations For SAP Fiori 2.0

Download as pdf or txt
Download as pdf or txt
You are on page 1of 11

S/4HANA How-To-Guide RELEASED FOR CUSTOMERS

Document Version: 1.0 – 2017-09-01

SAP S/4HANA - How to Create and Generate


Backend Security Authorizations for SAP Fiori 2.0
Document History
The following table provides an overview of the most important document changes.

Table 1

Version Date Description


1.0 August 10, 2017 Initial Version – Gilbert Wong
2.0 September 1, 2017 Update S4HANA release level – Gilbert Wong

How to Create and Generate Backend Security Authorizations for SAP Fiori 2.0.docx P a g e |2
Typographic Conventions

Type Style Description

Example Words or characters quoted from the screen. These include field names, screen
titles, pushbuttons labels, menu names, menu paths, and menu options.

Textual cross-references to other documents.

Example Emphasized words or expressions.


EXAMPLE Technical names of system objects. These include report names, program names,
transaction codes, table names, and key concepts of a programming language
when they are surrounded by body text, for example, SELECT and INCLUDE.
Example Output on the screen. This includes file and directory names and their paths,
messages, names of variables and parameters, source text, and names of
installation, upgrade and database tools.
Example Exact user entry. These are words or characters that you enter in the system
exactly as they appear in the documentation.
<Example> Variable user entry. Angle brackets indicate that you replace these words and
characters with appropriate entries to make entries in the system.
EXAMPLE Keys on the keyboard, for example, F 2 or E N T E R .

SAP S/4HANA - How to Create and Generate Backend Security Authorizations for SAP Fiori 2.0 P a g e |3
Table of Contents

1 Introduction ....................................................................................................................................... 5

2 Documentation Links ........................................................................................................................ 6

3 SAP Backend Role Creation and Generation from SAP Frontend Catalog ................................7

SAP S/4HANA - How to Create and Generate Backend Security Authorizations for SAP Fiori 2.0 P a g e |4
1 Introduction
This document is created by the S/4HANA Regional Implementation Group (RIG) and will detail the steps
required to create SAP Backend authorizations for a SAP S/4HANA system based on SAP Fiori 2.0
Frontend Server Catalog information. This document is intended to cover the steps to generate backend
authorizations objects based on SAP Fiori Apps, SAP Transactions based on SAPGUI for HTML and Web
Dynpro applications from the SAP Fiori Frontend Tile Catalog.

This document will use a sample SAP Fiori Frontend Catalog to generate the required authorization
objects on the SAP Backend S/4HANA system. You will still need to maintain/create the SAP Frontend
authorizations which consist of the SAP Business Catalog, SAP Business Groups, and PFCG roles. For more
information on how to setup and create custom SAP Business Catalogs, SAP Business Groups and PFCG
roles, please refer to the security documentation located on the SAP help site,
https://help.sap.com/FIORI_IMPLEMENTATION. You need to design the overall SAP security strategy
based on the customer requirements.

SAP S/4HANA – How to Create and Generate Backend Security Authorizations for SAP Fiori 2.0 P a g e |5
2 Documentation Links

Below are the links to various S/4HANA OP documentation to be used as reference to the
installation.

Documentation

Help.sap.com URL for Fiori implementation and configuration


SAP Fiori Implementation Information
https://help.sap.com/FIORI_IMPLEMENTATION

SAP S/4HANA – How to Create and Generate Backend Security Authorizations for SAP Fiori 2.0 P a g e |6
3. SAP Backend Role Creation and Generation from
SAP Frontend Catalog

1. Ensure SAP Frontend Catalog and Group has been setup and defined correctly. As a starting point, you can
use a standard delivered SAP Frontend Business Catalog. For this example, we will use the following SAP
Business Catalog from the SAP Fiori Frontend Server.
➢ SAP_MM_BC_IM_MANAGE (Materials Management- Warehouse Management)

2. Log on to backend S/4HANA system. Start transaction /nPFCG

3. Create new PFCG Role.


a. Enter new PFCG Role name.
b. Click on “Single Role”

SAP S/4HANA – How to Create and Generate Backend Security Authorizations for SAP Fiori 2.0 P a g e |7
4. Enter description and save PFCG role and click on “Yes” to save the SAP PFCG role.

5. Select dropdown from Transaction menu.

6. Select “SAP Fiori Title Catalog”

SAP S/4HANA – How to Create and Generate Backend Security Authorizations for SAP Fiori 2.0 P a g e |8
7. Enter Catalog ID from “Assign Tile Catalog” screen.
a. Select “Remote Front-End Server”
b. Enter Frontend RFC Destination connection to the SAP Fiori Netweaver Gateway System.
c. Select Catalog ID you would like to import into SAP PFCG Role.

8. S_SERVICES and SAP Transaction codes will be added to the SAP PFCG Role Menu.

9. Create and Maintain the SAP PFCG Authorization Objects.


a. Select Authorizations Tab.
b. Click on Change Authorization Data pencil button.

SAP S/4HANA – How to Create and Generate Backend Security Authorizations for SAP Fiori 2.0 P a g e |9
10. Save PFCG role.

11. Business Authorization Objects will be added to the SAP PFCG Profile.
a. Maintain Authorization Values for the profile.
b. Click on the Save icon to continue.

12. Maintain authorization objects per customer requirements.


a. Make sure all traffic lights are green
b. Click on Save.

SAP S/4HANA – How to Create and Generate Backend Security Authorizations for SAP Fiori 2.0 P a g e | 10
13. Save SAP PFCG Profile.

14. Generate the SAP PFCG Profile.


a. Click on the Generate Icon.

15. Assign SAP PFCG role to end user.


a. Click on “User” Tab.
b. Add users to User Assignments.
c. Click on Save Icon to save SAP PFCG Role assignment.
d. Click on User Comparison.

SAP S/4HANA – How to Create and Generate Backend Security Authorizations for SAP Fiori 2.0 P a g e | 11

You might also like