Start of Content Area

Background documentation Authorizations (Recruitment) Locate the document in its SAP Library structure

The authorizations for Recruitment are stored in the authorization profiles of the SAP E-Recruiting roles.

For more information about the role profiles, see the respective role descriptions.

Start Pages and Applications

You can use the authorization object P_RCF_APPL (Applications in E-Recruiting) to control the access to start pages and applications.

Infotypes (Data)

Authorization object PLOG (Personnel Planning)

You can use the authorization object PLOG, which is used for personnel planning data, to control which infotypes and objects a user can access. For example, you can block the display of demographic data for persons not belonging to the HR department.

SAP E-Recruiting uses the following object types:

US (User), CP (Central Person), P (Person), O (Organizational Unit), S (Position), C (Job); NA (Candidate), NB (Requisition), NC (Posting), ND (Application), NE (Candidacy), VA (appraisal template, in E-Recruiting: Questionnaire Template), VB (criteria group, in E-Recruiting: Question), VC (criterion, in E-Recruiting: Response).

SAP E-Recruiting uses the active plan version only and all planning statuses.

SAP E-Recruiting uses the following infotypes:

     Infotypes 50* (Questionnaires)

     Infotypes 51* (E-Recruiting Infotypes)

     Infotypes 1000, 1001, 1002

     Subtypes are active

Authorization object P_TCODE (HR: Transaction Codes)

A special authorization check is performed for the qualifications. In the authorization object P_TCODE you must enter the value PP in the Transaction Code field (TCD).

Authorizations that are checked in the applications

A number of restrictions exist that depend on the respective context. For example, a candidate can view and maintain his or her own profile only. These connections are not checked using authorization objects; instead, they are checked within the relevant application.

Personal Data

SAP E-Recruiting manages personal data using SAP Business Partner. For this reason, you must assign all users the basic authorizations for SAP Business Partner.

The following authorization objects are relevant:

     B_BUPA_ATT (Business Partner: Authorization Types)

     B_BUPA_FDG (Business Partner: Field Groups)

     B_BUPA_GRP (Business Partner: Authorization Groups)

     B_BUPA_RLT (Business Partner: BP Roles)

 

Direct Access to Talent Pool

The authorization object P_RCF_POOL (Direct Access to Talent Pool) is checked in SAP E-Recruiting when candidates are accessed directly in the Talent Pool.

In Recruitment, the Talent Pool can be accessed directly in the following ways:

     Using the ‘Candidate Overview’ scenario. By searching by name, a candidate can be identified and all of his or her data displayed. (Example of possible scenario: a candidate asks for information over the telephone.)

     If a recognition check is performed when an application is entered manually

     If candidate data has to be changed retroactively. For example, if in the course of a telephone interview the candidate reveals data that is not contained in his or her profile.

Depending on the scenario, you enter the following authorizations in the field RCF_POOL (Permitted Access Mode):

     DIRECT_ACC (Status-Independent Access to Candidates)

     DUPL_CHECK (Recognition of Multiple Applicants)

     CAND_MAINT (Maintenance of Candidate Data)

 

Status Changes for Objects

You use the authorization object P_RCF_STAT (Object Status in E-Recruiting) to assign the authorizations for status changes for objects.

The field OTYPE (Object Type) contains the relevant object types, the field RCF_STATUS (Generic Object Status) contains the statuses permitted.

In Recruitment, the following object types and statuses are relevant:

Object

Possible Status

Candidate

Released, Locked

Candidacy

In Process, Withdrawn, Rejected, To Be Hired

Application

Draft, In Process, Withdrawn, Rejected, To Be Hired

Requisition/Job Posting

Draft, Released, Completed, To Be Deleted, On Hold

Posting Instance

Draft, Released, Completed

Questionnaire

Draft, Released, Do Not Use

Question

Draft, Released, Do Not Use

 

Data Overview

You can use the authorization object P_RCF_VIEW to assign the authorizations to display data overviews.

In Recruitment, the following activities are relevant for the authorization to view the data overviews:

     ACT_DOVR (Overview of the activity)

     CAND_DOVR (Overview of the candidate profile)

     APPL_DOVR (Overview of the application data)

     CDCY_DOVR (Overview of the candidacy data)

     PINST_PBL (Overview of the publication)

     REQ_DOVR (Overview of the requisition/posting data)

     EEO (Overview of the Equal Employment information)

     TG_DOVR (Overview of the talent group)

The user has access to all overviews that are stored in the field RCF_VIEW (Data Overview) for his or her role.

For all other data overviews, each application displaying a data overview checks whether the relevant user has the authorization to view the overview. These checks are different for each application.

In Recruitment, the system performs the following checks for the relevant applications:

Application displaying an overview

Checks

Candidate (hrrcf_cand_dovr)

Does the user call his or her own profile?

Is the user a member of the support team for the candidate’s application?

Is the user a member of the support team for the requisition to which the candidate is assigned?

Application (hrrcf_appl_dovr)

Is the user a member of the support team for the candidate’s application?

Is the user a member of the support team for the requisition to which the candidate’s application is assigned?

Candidacy (hrrcf_cdcy_dovr)

Is the user a member of the support team for the candidate’s application?

Is the user a member of the support team for the requisition to which the candidate is assigned?

Internal publication (hrrcf_pinst_pbl)

Note: No authorization check is required for external publications.

Is the user an employee?

Requisition (hrrcf_req_dovr)

Is the user a member of the support team for the requisition?

EEO (hrrcf_qa_docvr)

Was the user the last person to change the EEO questionnaire?

Does the user (candidate) call his or her own EEO questionnaire?

 

Activities

You use the authorization object P_RCF_ACT to determine the type of access to activities that is possible for a user. An activity in SAP E-Recruiting is therefore identified through the assigned process and through the activity type.

The following access types to an activity can be stored using the authorization field ACTVT (Activity):

     Add or Create

     Change

     Delete

Access to Worklists

You use the authorization object P_RCF_WL to determine the worklists that a user can access in the dashboard.

The user has access to all worklists that are stored in the field RCF_WL_ID (Identifier of Worklist) for the user.

Create Candidates

To be able to create a candidate, you must use the authorization object S_USER_GRP (User Master Maintenance: User Groups) to assign authorization to create the relevant user.

 

End of Content Area