Definition of Signatures in PI Sheets (SAP Library - Process Management (PP-PI-PMA))

Definition of Signatures in PI Sheets

Use

If you want to sign data in the PI sheet, you define a process data request with a signature. You have the following options:

Signature to accept invalid input values

In this case, you define the signature as part of an input validation. You only enter a signature in the PI sheet, if you want to accept an input value although it is outside the defined value range.

Signature to complete a process step

In this case, you add the signature as an input value into the usual sequence of steps in the PI sheet. The entries and formula results of the relevant process step are reported when the signature is entered, that is, the corresponding messages are transferred to process management for sending. After this, you cannot change the values anymore.

Signature to sign/complete the PI sheet

Technically speaking, the signature is identical to the signature that is used to sign a process step. However, it is executed at the end of the PI sheet after all process steps have been completed.

In ABAP list-based PI sheets, you can use any type of signature for this. By executing the signature, you only confirm that the data is complete and correct.

In browser-based PI sheets, you must use the digital signature with a signature strategy and an asynchronous signature process (see below). The PI sheet is completed automatically when the signature process is completed.

For statements concerning quality in the manufacturing process, you can enter a comment. If the corresponding Customizing settings are made, the comment is transferred to the batch record and can be used as a basis for the usage decision.

Prerequisites

The type of signature to be used in the PI sheet has been defined in Customizing for Control Recipe Destinations.

You have the following options:

Signature without a password check

Signature with a simple password check

You can use this type of signature for ABAP list-based PI sheets only. You define the passwords for the relevant users in Customizing for Control Recipe Destinations.

Digital signature

If several individual signatures are to be executed, you can also specify the following in the control recipe destination:

Which signature strategy is to be used to sign process steps and PI sheets

Which signature strategy is used to accept invalid input values

For more information about digital signatures and the required settings, see Approval Using Digital Signatures.

If you want to use signatures to complete browser-based PI sheets, you must use digital signatures.

Features

Signatures for Invalid Input Values

You define these signatures if you define input validations. For more information, see:
Type 0: Definition of Input Validations
Type 2: Definition of Input Validations

Signature for Process Step / PI Sheet

You define these signatures as input values in a process data request. The structure rules for this process instruction are identical to that of all other data requests.
See also:
Type 0: Definition of Data Requests
Type 2: Process Data Requests for PI Sheets
Note the following:

Type of data request

You can define one signature for each data request. Depending on the data request, the signature is processed differently.

In a simple data request, you use signatures to complete the preceding entries and calculations since the last signature. If a signature is preceded by a table, you cannot enter more table entries once the signature has been executed.
In repeated data requests, signatures must be positioned in the last table column, that is, you must define the signature as the last input value of the process instruction.
You use signatures to complete the preceding table entries. However, you can still enter more table entries as long as the maximum number of table lines has not been reached.

Message category

You must assign a message category that contains characteristic PPPI_SIGNATURE to the process instruction.

Note that in repeated data requests you must enter a signature for every table line if the signature is marked as required in the message category.

Input value for the signature

You must define characteristic PPPI_SIGNATURE as an input value in the process instruction.

The characteristic is transferred to the message that the system creates for the process instruction. The following value is assigned to the characteristic:

If only one signature or one digital signature is executed:
the signature or name of the signatory
If signatures that consist of several individual digital signatures are executed:
the key of the corresponding signature strategy
You can display the signatures in the PI sheet.

Authorization to execute a signature

For the following types of signature, you can specify that a user requires a special maintenance authorization for the PI sheet to execute the signature.

In browser-based PI sheets:

For signatures without a password
For digital signatures

In ABAP list-based PI sheets:

For signatures with a simple password check
For digital signatures

The system then checks if the activity specified in the process instruction has been included in authorization object C_CRPI_BER in the user master record.

Irrespective of the settings you make here, the system checks the following authorizations for digital signatures:

Activity 73 (Archive) in authorization object C_CRPI_BER (PI sheet)
For individual signatures in a signature strategy, the authorization group for the individual signature in authorization object C_SIGN_BGR (authorization groups for digital signatures)

Signature strategy for digital signatures

If several users must sign a process step, you use a signature strategy to define which individual signatures are required. You can assign a signature strategy in the control recipe destination. This strategy is then used for all process steps or for all input validations. If you want to use a different strategy for a particular process instruction, you assign the strategy to this process instruction.

If you want to use signatures to complete browser-based PI sheets, you must use a signature strategy.

Synchronous or asynchronous signature process

In the PI sheet, signature strategies are carried out synchronously by default. This means that all signatures must be executed immediately one after another without exiting the function.

However in process instructions that are used to sign the entire PI sheet, you can determine that the signature strategy is carried out asynchronously. The system stores the signatures individually. The PI sheet can be exited after each individual signature and can be called again by the next signatory.

If you want to use signatures to complete browser-based PI sheets, you must use the asynchronous signature process.

To define the data for the signature, you assign the following characteristics in the process instruction:

Characteristic

Meaning

Value

PPPI_INPUT_REQUEST

Input request

Any short text

PPPI_REQUESTED_VALUE

Input value

PPPI_SIGNATURE

PPPI_SIGNATURE_
AUTHORIZATION

Required authorization
(only for signatures with a password check and digital signatures)

Any value for the Activity field in the authorization object C_CRPI_BER

PPPI_SIGNATURE_STRATEGY

Signature strategy
(for digital signatures only)

Strategy defined in Customizing

PPPI_SIGNATURE_MODE

Synchronous or asynchronous signature process
(only for signing / completing PI sheets with a signature strategy)

S (synchronous)
A (asynchronous)

Characteristic	Meaning	Value
PPPI_INPUT_REQUEST	Input request	Any short text
PPPI_REQUESTED_VALUE	Input value	PPPI_SIGNATURE
PPPI_SIGNATURE_ AUTHORIZATION	Required authorization (only for signatures with a password check and digital signatures)	Any value for the Activity field in the authorization object C_CRPI_BER
PPPI_SIGNATURE_STRATEGY	Signature strategy (for digital signatures only)	Strategy defined in Customizing
PPPI_SIGNATURE_MODE	Synchronous or asynchronous signature process (only for signing / completing PI sheets with a signature strategy)	S (synchronous) A (asynchronous)