Show TOC

Defining User RolesLocate this document in the navigation structure

Use

User roles enable you to grant authorizations for particular actions (such as changes) for a defined set of objects.

Prerequisites

You have activated exchange profile parameter com.sap.aii.util.server.auth.activation.

Features

Define User Role

  1. In the Integration Builder menu bar, choose Start of the navigation path Tools Next navigation step User Roles Next navigation step New End of the navigation path.

  2. Specify the name of the user role.

  3. Define the object set that you want to define the authorization for.

    • To define authorizations for objects of logical routing, a collaboration agreement, or a configuration scenario, select the Objects tab page.

      In the Types column, select the object types to which the authorization is to apply.

    • To define authorizations for objects of the collaboration profile, select the Partner tab page.

      In the Selection Paths column, you can first define the party or communication component to which the authorization is to apply.

      To do this, call the input help in the Party or Communication Component column.

      Note

      If you only select exactly one party, only the communication components of this particular party are displayed in the input help.

      If you specify Any Parties , the input help for communication components is deactivated (a communication component is assigned to exactly one party or is classified as a communication component without an assignment to a party).

      In the Objects column, you can restrict the authorization to apply just to objects that are assigned to the party or the communication component selected previously.

  4. In the Operator column, define whether your object selection is to be included (Include) or excluded (Exclude) from the authorization for particular actions.

  5. Specify the permitted actions for the object set.

    To do this, call the input help in the Actions column and select the permitted actions.

    You can choose between the following actions:

    • Read

    • Write

    • Change

    • Full Edit (read, write, and change)

  6. Save and activate the user role.

Activate User Role

For it to take effect, you must hand over your role to the User Management Engine. You do so by activating the user role.

To activate a user role, choose Activate User Role . To undo, choose Deactivate User Role .