Each time a transaction starts, the system automatically checks for authorization object S_TCODE. This check is also executed for any transactions that you created yourself.
To maintain authorization objects and fields, you need access to the authorization object Authorizations (S_USER_AUT).
If you use the Profile Generator to generate your authorization profiles automatically, the authorizations for the authorization object S_TCODE are contained in the profiles.
You can also add your own authorization checks to protect critical points in your ABAP programs.
If you call a transaction indirectly, that is from another transaction, the authorization check is not automatically performed. Use Maintain transaction call authorization in CALL TRANSACTION (transaction SE97) to set the check indicator check for the entry for the pair of calling and called transaction to ensure that the called transactions are also subject to an authorization check.
For more information, see SAP Note 358122 .