SAP Knowledge Base Article - Public

3478896 - TrendData_SysOverallPotential OData API query is not respecting RBPs


TrendData_SysOverallPotential OData API query is not restricted by the Role Based Permission(RBP) Settings.


  • SAP SuccessFactors HCM
  • OData API - Trend Entities

Reproducing the Issue

  1. Set RBPs for a user with the 'Exclude granted users from having the same access to themselves' option enabled to prevent them from viewing/querying their own data.
  2. Data is not visible on the UI for the user as expected.
  3. Perform an OData API query with the same user to fetch their own data.
  4. The OData API response will return their data despite the restrictions applied via RBPs.


TrendData_SysOverallPotential API will validate whether the API user (performing the API call) has the 'Export Extended User Information' and/or the 'Label for trend element sysOverallPotential' permissions and if so, RBPs will be bypassed and the user will be able to query the trend data of any user including him/herself.


In order to resolve the issue, you need to remove either or both permissions.

  1. Administrator Permissions -> Manage User -> Export Extended User Information
  2. User Permissions -> Employee Data -> Label for trend element sysOverallPotential

See Also

SAP SuccessFactors API Reference Guide (OData V2) - Trend Entities


TrendData_SysOverallPotential, potential, rating, label, RBP, OData API , KBA , LOD-SF-INT-ODATA , OData API Framework , LOD-SF-INT-API , API & Adhoc API Framework , LOD-SF-EP , People Profile (Employee Profile / PP3) , Problem


SAP SuccessFactors HCM Core all versions