SAP Knowledge Base Article - Public

3165869 - Odata : No authorization to access Service

Symptom

Calling OData service returns error:

No authorization to access Service '%SERVICE_NAME%'

Status code: 403

The following message will also be displayed:

<SAP_Transaction>For backend administrators: use ADT feed reader "SAP Gateway Error Log" or run transaction /IWFND/ERROR_LOG on SAP Gateway hub system and search for entries with the timestamp above for more details</SAP_Transaction>

<SAP_Note>See SAP Note 1797736 for error analysis (https://service.sap.com/sap/support/notes/1797736)
The screen is as below:
Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.  

Environment

  • S/4 Cloud as the source
  • External Web / DataSphere ... as the target

Reproducing the Issue

Cause

Missing authorization / role of the user which can be seen by transaction SU53.

Resolution

  1. Find which role has the authorization to access the service:
    SUIM -> Roles -> 'Search for Startable Applications in Roles' with the selection
      Application Type -  SAP Gateway: Service Groups Metadata
      Application         -  '%SERVICE_NAME%'



    -> Execute -> The role then is displayed:


  2. Grant the missing role above to the user 

If you have no access to the transactions above, please open a SAP case.

See Also

Authorization Object: S_SERVICE

Keywords

SAP Gateway, SAP OData Gateway, /IWFND/GW_CLIENT, 403, /IWFND/CM_CONSUMER , 101, No authorization to access Service, No authorization, SIUM, SU53, Role, Roles, Search for Startable Applications in Roles, S/4 Cloud , KBA , OPU-GW-COR , Framework , BW-WHM-DBA-ODA , Operational Data Provider for ABAP CDS, HANA & BW , Problem

Product

SAP S/4HANA Cloud Public Edition all versions

Attachments

3165869_2.png
3165869_3.png
Pasted image.png
image.png
image.png
image.png
4561bde73b9866502c66372a85e45a54