Show TOC

 Assignment of Structural Authorizations


You can use this function to assign structural profiles to users using table T77UA.


In contrast to general authorization profiles, which are assigned using the Profile Generator (PFCG transaction), you use table T77UA ( User Authorizations = Assignment of Profile to User ) to assign structural profiles.

Note Note

You can edit this table in the Implementation Guide (IMG) for Organizational Management under Start of the navigation path Basic Settings Next navigation step Authorization Management Next navigation step Structural Authorization Next navigation step Assign Structural Authorization End of the navigation path .

End of the note.

Alternatively, you can use the HRBAS00_GET_PROFL Business Add-In (BAdI). This BAdI enables you to implement an alternative determination of structural profiles.


You can assign users to structural profiles using table T77UA or transaction OOSB.

The system first searches for entries for the current user in the T77UA table ( User Assignments ). If one or more entries exist, the set of objects is mapped according to the profile definition. The set of objects is then checked against the concrete object and the action ( Display or Edit ). The authorization is granted only if the object to be checked exists with the necessary processing indicator in the set of objects.

Note Note

If there is no entry in the T77UA table ( User Authorizations ) for the current user, the above check takes place within the T77UA table for the entry SAP*. If still no entry exists, the authorization is denied. In the standard system, there is an entry for user SAP* with the profile ALL. This means that when you first implement mySAP HR , all users have complete authorization as far as structural authorization is concerned

End of the note.

See also:

HRBAS00_GET_PROFL (BAdI: Determine Assigned Structural Profiles)