Show TOC

Create PFCG Role on Front-End and Assign Launchpad Catalogs and GroupsLocate this document in the navigation structure


You must perform this step and the following authorization- and role-related tasks on the front-end server to equip the user with the UI access to apps and the start authorizations for the activated OData services used by the apps.

  1. Open transaction Role Maintenance (PFCG).

  2. Create a new single role and assign the following in the role menu:

    • Type Catalog

    • Catalog Provider Fiori Launchpad Catalogs

    • Catalog ID, for example, SAP_HCM_BC_EMPLOYEE_X1

    • Optional (if the users should see the tiles in a group already on the SAP Fiori launchpad start page): Type Group, Group ID, for example, SAP_HCM_BC_EMPLOYEE_X1

    Alternatively, you can copy the template business role delivered by SAP, which already contains the catalog and group, as sample content to your customer namespace.

  3. Add the following in the (new or copied) role menu for each of the OData services:

    • Type Authorization Default

    • Authorization Default TADIR Service

    • Object Type IWSG – Gateway: Service Groups Metadata

  4. Select TADIR Service using value help for the object name with <name of activated service>.

  5. Save the role menu, and go to the role authorization, change the authorization data, and adopt the generated authorizations accordingly.

  6. Generate the authorization profile and save it.