Show TOC

Procedure documentationMaintain Users and Recipients Locate this document in the navigation structure

Procedure

There are two key approaches that you can take to maintain users and recipients. These are explained below.

User-centric view

The first approach is to use the transaction Display all Recipients (/AIF/RECIPIENTS). This transaction provides you with a user-centric view for assigning users to recipients. The report gives an overview of the assignments of a user to recipients and enables you to make new assignments.

For each user you can define a message type that defines which kind of message will trigger an alert.

The Overview flag specifies if the user can see this kind of message in the Interface Monitor.

The Technical user flag defines if the user can monitor the abort and in process status message in the Interface Monitor screen.

Recipient-specific view

In contrast, the second approach offers a recipient-centric view for assigning a user to recipients. This functionality can be accessed via the Customizing transaction of the SAP Application Interface Framework (/AIF/CUST_IF). In Customizing, you must expand the Error Handling node and click on Define Recipients. You are then able to see which users are assigned to which recipient. Also, new assignments can be made. In Define Recipients, it is possible to assign roles and external addresses to a recipient.

For each assignment, you can specify a message type that will trigger an alert.

The Overview flag specifies if the user/role can see this kind of message in the Interface Monitor.

The Technical user flag defines if the user/role can monitor the abort and in-process status message in the Interface Monitor screen.

Notific. Msg Type specifies that the message statistics of a defined message type will notify the assigned user/ role/ external address by email.

Assigning Authorizations on Interface Level

Within the Customizing transaction (AIF/CUST_IF) of the SAP Application Interface Framework, it is possible to assign interface-specific authorizations. Using an interface-specific authorization, you can allow or deny the user certain activities depending on data received by the interface.

In the Customizing transaction, expand Error Handling and click Interface-specific Features. Here, the key field for the authorization has to be maintained. In addition, a field sequence number is specified.

Click Assign authorization objects and maintain an authorization object. After inserting the authorization objects, you must assign the authorization fields to the key fields. The authorization fields are maintained in the authorization object, which can be defined in transaction SU21.

When inserting a field sequence number, you must insert the corresponding field sequence number from the definition of the key fields. In addition, the Field Name defined in the authorization object needs to be maintained. The value of the key field is specified in an authorization role that the authorization object is assigned to.

Example

The interface-specific authorization can be used, for example, if you want to specify that users are only able to display or change data if the data was received from a particular business system.

An interface named INTERFACE01 exists. You have two users (USER01 and USER02) and the interface can receive data from either SYSTEM01 or SYSTEM02. USER01 is only responsible for data received from SYSTEM01 and USER02 is only responsible for data received form SYSTEM02. The interface-specific authorization is used to ensure that USER01 is not able to change data received from SYSTEM02.