Authorization Checks for the Remote Content Editor

Administrators can restrict access to specific SAP Fiori catalogs and SAP Fiori groups in the Remote Content editor by configuring the /UI2/SRVC authorization object.

Structure of /UI2/SRVC Authorization Object
Authorization Field Description

CLASSNAME

The name of the DataProvider class. For the /UI2/FIORI_CATALOGS service, set the CLASSNAME field to /UI2/CL_EDM_DP_FIORI_CATALOGS.

ACTVT

Activity:

01 Create - HTTP POST

02 Change - HTTP PUT

03 Display - HTTP GET

06 Delete - HTTP DELETE

/UI2/ENTNM

 Entity name or name of Functionimport. For the /UI2/FIORI_CATALOGS service, set the CLASSNAME field to either ‘Page’ (for Group access) or to ‘Catalog’.

/UI2/KEY1

 Value of the first key field of the entity to be checked.

/UI2/KEY2

 Value of the second key field of the entity to be checked.

/UI2/KEY3

 Value of the third key field of the entity to be checked.

/UI2/KEY4

 Value of the fourth key field of the entity to be checked.

Example: Setup Example

Access to the /UI2/FIORI_CATALOGS service is limited to the X-SAP-UI2-CATALOGPAGE:MY_CATALOG, catalog and the MY_GROUP group. The authorization profile contains the following entries:
  • First entry:
    • CLASSNAME= /UI2/CL_EDM_DP_FIORI_CATALOGS
    • ACTVT=03
    • /UI2/ENTNM=Catalog
    • /UI2KEY1=X-SAP-UI2-CATALOGPAGE:MY_CATALOG
  • Second entry:
    • CLASSNAME=/UI2/CL_EDM_DP_FIORI_CATALOGS
    • ACTVT=03
    • /UI2/ENTNM=Page
    • /UI2KEY1=MY_GROUP