Show TOC

Background documentationAuthorizations for Change Requests Locate this document in the navigation structure

 

You can use the authorization object Change Request Type (USMD_CREQ) to execute the following activities in change requests:

  • Create

    You need to assign the users who submit change requests to the Create activity.

  • Change

    You need to assign the users who process change requests in a specific change request step to the Change activity.

    You also need to assign the users to the change request step in one of two ways: either directly as the processor, or indirectly via Organization Management (for example, as a member of the organizational unit that is assigned as the processor of a change request step). In this case, the users can perform any action possible in the change request step - as defined in the respective change request step type.

  • Display

    You need to assign the users who determine the change requests using the business activity Display Change Requests to the Display activity. The assignment of this activity is also required for displaying the header data of a change request.

  • Delete

    You need to assign the users who delete change request drafts to the Create or Change activities, once each per change request type. You also need to assign those users to the Discard activity so that they are able to delete data changes that have not yet been activated.

    Users require authorization for the Delete activity to be able to delete change requests in report program USMD_DELETE_CREQUEST.

  • Discard

    You need to assign the users who must be able to delete data changes that have not yet been activated to the Discard activity. Users can use this activity to execute the report program USMD_DELETE_CREQUEST to reset a change request back to its original state without changing the change request status or the current change request step.

Integration

In addition to the authorization for the change request, the system also checks authorizations at the data level. The system defines these authorizations either as generic using the authorization object USMD_MDAT or as non-generic using MDG applications. In this manner, the system provides its own authorization checks for active data using the class of the reuse active area. All users permitted to submit change requests of a certain type are able to save a draft before submitting the change request. At any given time, a master data object must belong to a maximum of one change request. All change request drafts of all users with authorization for a given change request type are available to allow for collaborative work on the master data.

More Information

For more information about authorization objects of SAP Master Data Governance, run the transaction SU21 and see the objects FMDM and MDG.

For more information about change requests, see Concept of Change Requests.