Security Aspects for the Launch Page
This topic describes special security aspects for the launch page (the first version of the home page for SAP Fiori).
In dynamic app laucher tiles, the OData service that pulls data from the back-end system is only executed on the home page for users. On the catalog administration page, sample data are displayed instead. This makes sure that administrators who maintain catalogs and tiles cannot see dynamic content which should only be visible for specific user groups.
The administration page is available at the following URL:
https://<server>:<port>/sap/bc/ui5_ui5/ui2/launchpage/admin/admin.html
Make sure that this page can be accessed by administrators only. This can be done in the same way as protecting access to the standard page administration UI of the UI add-on for SAP NetWeaver.
For more information, see http://help.sap.com/nw-uiaddon at 
Application Help 
Configuration and Operations Content Administration Suite Page Builder Suite Page Builder Admin Page Page Administration Protecting Access to Page Administration 
.
You can provide users access to the launch page in a standalone browser, in SAP NetWeaver Business Client and in SAP Enterprise Portal.
For more information, see the SAP Library for User Interface Add-On for SAP NetWeaver on SAP Help Portal at http://help.sap.com/nw-uiaddon and search for Providing Users Access to the Launch Page.
By default, the launch page is empty for all users. In order to display tiles on the launch page, you must assign tile catalogs to roles in Role Maintenance (transaction PFCG).
For more information, see the SAP Library for User Interface Add-On for SAP NetWeaver on SAP Help Portal at http://help.sap.com/nw-uiaddon and search for Authorizations for Tiles on the Launch Page.