SAP Knowledge Base Article - Public

2938963 - "Admin access to MDF OData API" permission usage recommendation


MDF provides one permission "Metadata Framework" => "Admin access to MDF OData API" for OData API usage. There will be side effects (role-based permission not respected, workflow not triggered etc.) if this permission is granted to end users without knowing how it works. 


  • SAP SuccessFactors HXM Suite
  • Metadata Frameowrk (MDF)


For a technical user who needs to replicate MDF data between systems through OData API 

  • "Admin access to MDF OData API" permission is recommended. Having this permission, the user can experience a seamless integration as the user has access to all secured and non-secured MDF objects' data from API side ignoring MDF objects' permissions and workflow settings.  

For a general user who needs to access applications built with OData and MDF objects 

  • We don’t recommend granting "Admin access to MDF OData API" permission to general users who only need access to customer-facing applications. 
  • If the user needs access to secured MDF objects, we recommend setting role-based permissions on MDF object level. 
  • If the user only needs access to non-secured MDF objects, we recommend another permission “Access to non-secured objects” which is enough for general users’ consumption of all non-secured MDF objects.  


Odata API, MDF, permission, Admin access to MDF OData API, Odata permission, MDF API , KBA , LOD-SF-MDF-API , OData APIs & Integrations , Problem


SAP SuccessFactors HXM Suite 2005