Roles for Secure Usage of the Integration Directory Programming Interface
With the Integration Directory programming interface (Integration Directory API), you can access (read and write) the content of the Integration Directory based on a program. This enables you, for example, to make mass changes in the Integration Directory. Therefore, securing this access channel is a key requirement.
More information: Integration Directory Programming Interface
To secure Integration Directory access via the programming interface, the following roles are available:
-
SAP_XI_API_DISPLAY_J2EE and SAP_XI_DISPLAY_USER_J2EE
These roles allow the execution of the following Integration Directory API operations:
-
Query
-
Read
-
Check
-
GetState, CheckContent, GetCacheState, GetObjectIdentifier (only for access to change lists)
-
-
SAP_XI_API_DEVELOP_J2EE and SAP_XI_CONFIGURATOR_J2EE
These roles allow the execution of the following Integration Directory API operations:
-
Change
-
Create
-
OpenForEdit
-
Revert
-
Delete
-
CreateFromTemplate (only CommunicationChannelService)
-
Activate
-
Revert (only ChangeListService)
-
More information: Assigning Permissions