SAP Knowledge Base Article - Public

3413203 - Access Restriction Rules In Sales & Service Cloud V2

Symptom

You are creating Restriction Rules for Business Services and want to understand the different rules which are supported.

Environment

Sales Cloud V2

Service Cloud V2

Reproducing the Issue

  1. Go to Settings.
  2. Search and Open "Business Roles".
  3. Open relevant Business Role. You will have options to restrict Read and Write Access for certain services.
  4. For example, change the write access for sap.crm.service.leadService. You will then have option to assign a rule by clicking on hyperlink "Unassigned".
  5. A new pop up will open where you can select based on Employee, Territory, Org Unit etc.

Cause

NA.

Resolution

Based on the restriction types defined by each service, following restriction rules are supported. When business role is maintained for a user, based on supported restriction types for a service, corresponding rules would be displayed. User can select one or more rules.

Restriction Type Restriction RuleDescription
EMPLOYEE My EmployeeAccess Based Direct Employee Assignment
 Employees reporting to meFor manager: Access based on employee and involvement of employees reporting to user in org unit (including sub-units). For non-manager: Same as “My Employee”
ORGUNIT Service Organization of EmployeeAccess based on service organization of the employee in your organizational hierarchy
 Sales Organization of EmployeeAccess based on sales organization of the employee in your organizational hierarchy
 Org Unit of employeeAccess based on org unit of the employee in your organizational hierarchy
TERRITORY My territory hierarchyAccess based on the employee’s territory assignment only (incl. sub-territories)
SALESAREA My employee sales dataAccess based on employee sales data (sales org + division + dist. channel)
 Sales areas of my sales orgAccess based on all sales area of sales orgs of employee
DISTCHAIN My employee sales dataAccess based on employee dist chain (sales org + dist channel)
 Sales areas of my sales orgAccess based on all dist. chain of sales orgs of employee (sales org + dist channel)

Keywords

Version 2, Access, Write, Read, Settings, IAM, Sales, Service, Cloud,  , KBA , CEC-CRM-IAM , Identity and Access Management for SAP Sales/Service Cloud , Problem

Product

SAP Sales Cloud and SAP Service Cloud Version 2 1.0