SAP Knowledge Base Article - Public

2639949 - OData API is not respecting the Role Based Permission Settings


OData API query is not restricted by the Role Based Permission(RBP) Settings.



Reproducing the Issue

For example:

  • You have defined the RBP settings and the API user who has this role assigned (API user T) has restriction to access the target group A.
  • There has an OData API Query which will return group A and B as response.
  • When the API user (API user T) runs this query, the expect result is he can only view the target group A. 
  • But the issue is, he can also view group B as well.


If login user enabled Employee Central HRIS OData API (read-only) permission , then OData will bypass all permissions and return all data.


Please disable this permission and OData API will respect RBP settings.
Employee Central API Permission settings.png

*Please be aware of that when disable EC OData API permission, in integration cases there may have performance issue.


RBP; Role-based Permission; OData API , KBA , LOD-SF-INT-ODATA , OData API Framework , Problem


SAP SuccessFactors HCM Core 1802