Show TOC

Background documentationAuthorization Objects

 

The SAP Application Interface Framework provides authorization objects for different purposes, for example, the system uses the authorization object /AIF/CUST to check a user’s authorization for a Customizing activity.

When a user has the authorization to execute all transactions, then they implicitly also have the authority to execute most of the transactions that are part of the SAP Application Interface Framework.

Note Note

Some transactions, for example, /AIF/CORRECTIONS and /AIF/EDCHANGES, are only protected by the authorization object S_TCODE. For those transactions, it is not possible to restrict access, for example, at the interface level.

End of the note.

Example

With the authorization object /AIF/ERR, the system checks the user’s authorization for error handling in the SAP Application Interface Framework.

The table below shows the fields for the authorization object /AIF/ERR.

Using the activity field, you specify the actions that a user can execute in the system. You might want to specify a user who only has read access to the transaction. You can further limit the authorization by namespace, interface name, and interface version. As a result, the user can execute the specified activities only for the defined namespace / interface name / interface version combination.

Authorization Fields

Field Name

Heading

Authorization Object Setting

ACTVT

Activity

You can enter the following activities:

  • Execute (16)

    Select from index tables

  • Read (33)

    Read a data message's content from the persistence layer

  • Write (34)

    Change a data message's content

  • Administer (70)

    qRFC Monitoring

  • Analyze (71)

    Display application log content

  • Remove (75)

    Cancel a message

  • Resubmit (A4)

    Restart a message

  • General overview (GL)

    XML monitoring

  • Archive (24)

    Start archiving report for SAP Application Interface Framework persistence using SARA

  • Reload (25)

    Restore archived data of SAP Application Interface Framework persistence using SARA

  • Display archive (56)

    Display archived data of SAP Application Interface Framework persistence

/AIF/NS

Namespace

This field refers to a namespace in the SAP Application Interface Framework.

/AIF/IF

Interface Name

This field refers to an interface name in the SAP Application Interface Framework.

/AIF/IFVER

Interface Version

This field refers to an interface version in the SAP Application Interface Framework.

More Information

Recommendation Recommendation

For more information about authorization objects, see the Master Guide for the SAP Application Interface Framework.

End of the recommendation.