SAP Knowledge Base Article - Public

2238766 - Permissions to uncheck for read-only access to OData services


Customer wants to create a new role but only wants to grant read-only access to this role in regards to OData services.

Customer needs to know which permissions need to be unchecked, which will result in read-only access being granted.

"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental"





  1. Firstly you need to log into SAP Successfactors
  2. Go to Admin Center
  3. Go to Manage Permission Roles
  4. From there you can either create a new role and grant the permissions there or else click on an existing role and from there click on the "permission" button which will enable you to uncheck the relevant permissions


  5. Below are Screenshots that show which permissions need to be unchecked in order to grant read-only access for OData to the relevant role.
    Admin Access to OData API (In the below screenshot) is what enables you to query the OData using the API Tool so this is an important permission to make sure is unchecked.

    Allow Admin to Access OData API through Basic Authentication.PNG




RBP, Role Based Permissions, OData API, Permissions for read-only access to OData Services, OData API Permission , KBA , LOD-SF-INT-ODATA , OData API Framework , LOD-SF-INT , Integrations , LOD-SF-INT-API , API & Adhoc API Framework , How To


SAP SuccessFactors HCM suite all versions