Dimension Security

Secured and Unsecured Dimensions

You can have a mixture of secured and unsecured dimensions in a model. Securing dimensions allows you to control which users or teams have read, write or deny access to dimensions and their members. You need to define a dimension as secured if you want to control member access by specific dimensions. All users can access unsecured dimension members.

Data access profiles are used to grant model access. At least one dimension in a model should be secured to ensure control over model and data access. When defining member access for secured dimensions, be sure to define access for all secured dimensions of the model. Failure to do so results in the inability to access that model for any users or teams assigned to the member access profile. For more information about setting up member access profiles, see the topic Member Access Profile Setup in the Security Guide for SAP Business Planning and Consolidation, version for SAP BW/4HANA available on the SAP Help Portal.

Security for Member-level Dimensions

In addition to defining dimensions as secure for individual models, you can assign write access to members within the dimension using member access profiles. Since by default, users do not have access to any members of a secured dimension, member access profiles must be set up for the users you want to give read-only or write access.