Authorization object that is used to check whether a user is authorized to start the different HR transactions. The transaction code is checked.
The P_TCODE authorization object is not used in all HR transactions. We distinguish between:
HR transactions with natural (own) authorization objects, such as persons (employees, applicants), statements, or similar.
In transactions of this type, these natural authorization objects (
HR: Master Data, HR: Applicants, and HR: Statements
) are used for the check. When a user starts a transaction, the system uses the same object to check minimum authorizations. For example, a user must have at least a read authorization to be able to edit employee data, that is
R
in the
Authorization Level
field of the
HR: Master Data
object.
HR transactions without natural authorization objects, such as processing system settings (cycles, features) and personnel control records, and so on.
In transactions of this type, differentiated authorization checks do not take place: The system only checks whether or not the user is authorized to start the transaction. These HR transactions are protected by the
HR: Transaction Codes
check object. You can find a list of these transactions as follows:
Choose
.Then choose
and finally .Enter
P*
as the transaction code in the
Transaction
field.
Enter the authorization object P_TCODE in the Test Object field.
Choose
.The P_TCODE authorization object contains the following field, which is tested during an authorization check:
Authorization Field |
Long Text |
TCD |
Transaction Code |
You can also use authorizations for the S_TCODE authorization object (
Check Transaction Code at Start of Transaction
) to protect the HR transactions. In this context, note that the P_TCODE authorization object was implemented before the S_TCODE authorization object. The P_TCODE authorization object was maintained as an additional protection measure given the increased need for the protection of person-related data.