Symptom
How to Restrict field level permissions for API access to Effective dated EC entities
"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."
Environment
SAP SuccessFactors HXM Suite
Cause
Need to disable/enable permissions
Resolution
Given that the API user have already have the permission "Allow Admin to Access OData API through Basic Authentication "
Next step is to follow the steps below:
- Disable "Employee Central HRIS OData API (read-only)" permission as this bypass all permissions and return all data.
2. In User Permissions -> Employee Central Effective Dated Entities -> Choose the fields you want to return.
For this example, we will use Job Information.
The fields "Company" and "Business units" are the fields we want to return.
Note: "View Current" permission on the line "Job Information Actions" should also be enabled.
3. Click Save
4. Execute API Call: /odata/v2/EmpJob?$format=json
5. In the response payloads, other fields like seqNumber, userId, startDate are returned.
These properties are key properties or system properties which are forced to be enabled.
Note: If you only need these 2 properties, you can use $select parameter.
/odata/v2/EmpJob?$select=company,businessUnit&$format=json
Response:
See Also
2635970 - How to Restrict field level permissions for API access to Non Effective dated EC portlets/entities
Keywords
Restrict field level API access, disable field level permissions, Restrict API access , KBA , LOD-SF-INT , Integrations , LOD-SF-INT-EC , Employee Central SFAPI & OData Entities , How To
Product
Attachments
Pasted image.png |
Pasted image.png |