2799227 - RBP For Integration Center to Allow users to execute "Application/UI" or "Event-based (ISC)" Integrations Type

Background 

Previously (before Q2'2019) to run Integration Center Job Triggered by Application UI or Event Based(ISC), below permission must be granted to the user triggering either of the two trigger types mentioned.

• Admin access to MDF OData
• Allow Admin to Access OData API through Basic Authentication
• Access to non-Secured Objects

Sample Scenario:

Let us consider an example where a recruiter does a background check of a candidate before actually scheduling an interview. Here, you need to have an Application/UI triggered integration created and mapped to a corresponding background check vendor.

As a recruiter, you don't need the mandatory permissions to initiate background check using Integration Center. However, to use Integration Center for modeling and executing the integration you need above mentioned permissions to execute the Integration. Under Resolution Section New Permission can be provided in such scenarios.

"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."

SAP Successfactors Integration Center

Granting Access to Odata API to all Admin users which only perform specific execution like applications in Recruiting Management, Employee Central and/or triggering specific Intelligent Service Event Based Integration needs for an update to (1) Improve control to permission granted to admins to only their scope and (2) tighten restriction for data security.

At Q2'2019, A new permission 'Allow users to execute "Application/UI" or "Event-based (ISC)" Integrations' is now added to execute integrations in Integration Center triggered from other applications like Recruiting Management, Employee Central, and so on, or trigger an Intelligent Service event to run the integration.

Note : In this case , the new permission can be provided to the executor role which can bypass the actual permissions needed to access and run integrations via IC 

Procedure

1. 1. Go to the Admin Center.
2. 2. In the Tools Search field, enter Manage Permission Roles.
3. 3. Select a role and click Permission.
4. 4. Under Administrator Permissions, select Manage Integration Tool and enable the below.

In summary, the permissions needed for the ISC (Intelligent Service Center) + IC (Integration center) event scenario are:

• Before Q2'2019
• Intelligent Service Tools > Event Center
• Manage Integration Tools > Allow Admin to Access OData API through Basic Authentication
• Admin Center Permissions > Read Execution Manager Event Payload or Event Report
• After Q2'2019
• Manage Integration Tools > Allow users to execute "Application/UI" or "Event-based" Integrations 

---------------

Please also check if the person who saved your ISC event is still active in your SF instance and it have these permissions above.

One indication of that the person/user left the company is the text "undefined" on the top of your ISC event:

• Last saved Mon, Month day, year at hh:mm PM by undefined
• Last published Mon, Month day, year at hh:mm by undefined

In case you see the word "undefined", please save/publish again the ISC event with one active user that have these mentioned roles.

Integration Center Handbook / Guide

Role-based Permissions for Integration Center

Intelligent Services (ISC), Integration Center, Application UI Based Integration, Event Based, Odata API, Allow users to execute "Application/UI" or "Event-based (ISC)" Integrations, undefined, Unable to trigger event 'Hire' due to No permission! , KBA , LOD-SF-INT-INC , Integration Center , LOD-SF-INT , Integrations , LOD-SF-INT-ODATA , OData API Framework , Product Enhancement