Symptom
How to restrict user authorization by Company Code in Maintain Business Roles app
Environment
SAP S/4HANA Cloud Public Edition
Resolution
- Business Roles can be restricted by company code on a per role basis
- In the Maintain Business Roles app you can select a role, and then select "Maintain General Restrictions" at the bottom of the page
- Access can be restricted for read or write, and can be restricted for each relevant restriction area
- Under the necessary restriction area or areas add the company code that you would like to restrict the users to view
- Separate roles can be created for each company code if necessary
- Maintain the 'Company Code Hierarchies' restrictions otherwise the restrictions might not work
Details and screenshots for restricting authorization can be found under "How Can I Limit What Data a Person Can See in the Apps?" on the Identity and Access Management - FAQ
Keywords
restriction business user role Identity and Access Management , KBA , BC-SRV-APS-IAM , Identity and Access Management , How To
Product
SAP S/4HANA Cloud Public Edition all versions