Symptom
How to get "Identity and Access Management" information (i.e. business roles, logon details, price category,...)
Environment
SAP S/4HANA Cloud Public Edition
Resolution
The following SAP views are released for Key User Extensibility in S/4HANA Cloud:
View | Description |
I_IAMBusinessRole | Business Role |
I_IAMBusinessRoleText | Business Role Text |
I_IAMBusinessUserBusinessRole | Business User - Business Role assignment |
I_IAMBusinessUserLogonDetails | Business User Logon Details |
I_IAMBusinessUserPriceCategory | Business User Price Category |
I_IAMBusinessUserPriceCatText | Business User Price Category Text |
I_IAMSupportUserRequestLog | SAP Support User Request Log |
The following Business Catalogs provide authorization to the views:
Business Role Catalog |
Authorizations |
Restrictions |
---|---|---|
User Management
SAP_CORE_BC_IAM_UM |
Maintain Business Users |
Not possible to assign business roles to the business users |
Display Technical Users |
None | |
IAM Information System |
None | |
Role Management
SAP_CORE_BC_IAM_RM |
Maintain Business Roles |
Not possible to assign business roles to the business users |
Business Role Templates |
None | |
Business Catalogs |
None | |
IAM Information System |
None | |
Role Assignment
SAP_CORE_BC_IAM_RA |
Maintain Business Users |
Only possible to assign business roles to the business users. Not possible to change the user data. |
Maintain Business Roles |
Only possible to assign business roles to the business users. Not possible to change the business roles | |
IAM Information System |
None | |
Identity and Access Management - Role Management - Display
SAP_CORE_BC_IAM_RM_DISP_PC |
This business catalog enables to grant read-only access to the following Identity and Access Management apps: • Maintain Business Roles • IAM Information System • IAM Key Figures • Business Role Templates • Business Catalogs • Display Restriction Types | None |
Identity and Access Management - User Management - Display
SAP_CORE_BC_IAM_UM_DISP_PC |
This business catalog enables to grant read-only access to the following Identity and Access Management apps: • Maintain Business Users • IAM Information System • IAM Key Figures • Display Technical Users | None |
See Also
Communication scenarios:
- SAP Help Portal - Integrating Identity Management
- SAP_COM_0093 Identity Management Integration (without Identity Provisioning)
- SAP_COM_0193 Identity Provisioning Integration (with Identity Provsioning)
- SAP_COM_0366 (SAP Help - Integrating Business Role Change Documents)
- SAP_COM_0327 (SAP Help - Integrating Business User Change Documents)
- SAP_COM_0750 (SAP Help Portal - How to Access Security Logs via API)
In Developer Extensibility(3-system landscape), the following classes and methods are allowed to read, create and modify business roles and business users:
Class/Method | Description |
CL_IAM_BUSINESS_ROLE_FACTORY | Factory class for IF_IAM_BUSINESS_ROLE_FACTORY |
IF_IAM_BUSINESS_ROLE_FACTORY | Allowed to query and retrieve business role instances |
IF_IAM_BUSINESS_ROLE | Allowed to read and modify attributes of business roles |
CL_IAM_BUSINESS_USER_FACTORY | Factory class for IF_IAM_BUSINESS_USER_FACTORY |
IF_IAM_BUSINESS_USER_FACTORY | Allowed to query and retrieve business user instances |
IF_IAM_BUSINESS_USER | Allowed to read and modify attributes of business users |
For more information, check Developer Extensibility > Development in the ABAP Environment > Reuse Components > Identity and Access Management
Keywords
IAM, Identity and Access Management, price category, logon details, business role, business user, CL_IAM_BUSINESS_ROLE_FACTORY, IF_IAM_BUSINESS_ROLE_FACTORY, IF_IAM_BUSINESS_ROLE, CL_IAM_BUSINESS_USER_FACTORY, IF_IAM_BUSINESS_USER_FACTORY, IF_IAM_BUSINESS_USER, iam class , KBA , BC-SRV-APS-IAM , Identity and Access Management , Problem