SAP Knowledge Base Article - Public

2549287 - Read only access is not possible for the Identity and Access Management Apps


Read only access not possible for the catalogs SAP_CORE_BC_IAM_RA, SAP_CORE_BC_IAM_RM, and SAP_CORE_BC_IAM_UM which are used for the IAM apps



Reproducing the Issue

  1. In the Maintain Business Roles app create a new business role
  2. Assign one of the catalogs listed above to this business role
  3. In the Maintain General Restrictions section choose the option for no write access for this catalog
  4. Users with this role will still be able to make changes in the apps like Maintain Business Users


  • Some apps have no field restriction options
  • This is expected behaviour for these catalogs


  1. Go back to the Maintain General Restrictions section in Maintain Business Roles
  2. Choose the option as restricted for write access
  3. This would typically let you adjust which fields are restricted for this catalog
  4. Catalogs with no fields displayed here, do not have the option to restrict fields, or be read only


SAP_CORE_BC_IAM restrictions readonly read only write access role Maintain Users IAM catalog , KBA , BC-SRV-APS-IAM , Identity and Access Management , Problem


SAP S/4HANA Cloud 1708