SAP Knowledge Base Article - Public

2229272 - Checking User Permissions (for example Report Permission) via User Role Search

Symptom

  • How do I know if a user is able to access reporting data for a specific report or employee?
  • What are the roles granted to specific users?
  • How to check if a user has a specific permission?

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

Environment

SAP SuccessFactors HXM Suite

Resolution

  • The User Role Search function allows searching specific roles granted to users.
  • Below are some examples on using the User Role Search function to check report data access:

Example 1

Does user sfadmin have access to Report Centre:

  1. Admin Centre > Search for User Role Search
  2. Enter the Access User, Permission Category, Permission type
    A Target user is not required here since access to the Report Centre tab does not have any target population assocaited to itself
  3. Select Search Roles. In this case the user sfadmin gets Report Centre access through the two roles System Admin and Employee Self Service


    sfadmin_userRoleSearch.png

Example 2

Does user cgrant have access to any reporting data for the user admin? Check if cgrant has report access/permission for the user admin as follows:

  1. Admin Centre > Search for User Role Search
  2. Enter the Access User, Permission Category, Permission type and the Target User
  3. Select Search Roles. In this case the user cgrant has no access to report data for the user admin

cgrant permission.png

  1. Check this by running an Ad Hoc report created by the user cgrant:

cgrant result.png

Example 3

Does the user admin have access to any reporting data for the user cgrant? Check if user admin has report access/permission for the user cgrant as follows:

  1. Admin Centre > Search for User Role Search
  2. Enter the Access User, Permission Category, Permission type and the Target User
  3. Select Search Roles. In this example, the User admin has access to report data for the user cgrant via the Role name System Admin
  • Specifically, via the Groups/Users granted with role permission access and their targets
  • Group/User granted with role permission: System Administrators, Master
  • Target population: All

Admin Permissionpng.png         
     


Admin Permissionpng.png           
     

  • This can be confirmed by running an Ad Hoc report created by the user admin:

 admin result.png

  • The same approach can be used for different reports like List Views, Classic Reports etc..

Report Selection.png

  • Select multiple users in order to compare the permissions they have:

group & target.png

Keywords

sf, success factors, check, authorization, based, RBP, Group, Target, Population, View, Manage, Proxy, import , KBA , user role search , report permission , user permission , authorization , restriction , rbp , LOD-SF-ANA , Analytics & Reporting (Ad Hoc, YouCalc, ORD) , LOD-SF-EC , Employee Central , LOD-SF-PLT , Platform Foundational Capabilities , LOD-SF-RCM , Recruiting Management , LOD-SF-EP , People Profile (Employee Profile / PP3) , LOD-SF-SCM , Succession Management , LOD-SF-PM , Performance Management , LOD-SF-CDP , Career Development Planning , LOD-SF-GM , Goal Management , LOD-SF-PLT-SEC , Security Reports , LOD-SF-CMP , Compensation Management , How To

Product

SAP SuccessFactors HXM Suite all versions