Authorizations

Assigning RFC Authorizations in the SAP System

Take the following into account when you grant RFC authorizations to users in SAP systems:

The ABAP authorization object required for using RFC is S_RFC.

The user in the target system must have this object in his or her authorization profile to be able to use RFC to connect to the target system.

Defining Authorization Checks for Function Calls

Make sure that you include authorization checks for the functions of the external system, if these functions can be called using RFC.

Any authorization checks in an external system must be defined in the logic of the relevant external application. The external application can access the following data, provided by RFC when the user logs on:

Function Name
Client
Language
Users
Transaction Code

Note

You can use RfcGetAttributes to query extra system data from the calling program.

End of the note.

More Information

For information about setting up the authorization object S_RFC, see the following:

Authorization Object S_RFC

For more information on defining additional authorizations for accessing external server programs:

Restricting Access to External Server Programs

For further information about RFC network security when using external servers, see the following:

Network Security and Communication