SAP Knowledge Base Article - Public

3508956 - API user created the Job Requisition can access it without having any roles assigned - Recruiting Management

Symptom

API user created the Job Requisition can access it without having any roles assigned.

Environment

SAP SuccessFactors Recruiting Management

Reproducing the Issue

  1. Create a job requisition using an API user via OData API.
  2. Set the originator to another user in the payload. Do not assign any role to the API user in the route map.
  3. The API can still access the job requisition. In reporting, the API user appears as "approver".

Cause

The API user is the job requisition creator. If the system cannot find another operator role associated with the creator, the creator is automatically assigned the V role.

Resolution

It is recommended not to pass the Originator in the API payload. Doing so will conflict with the user creating the requisition.
Even If the Job Requisition creator is not assigned the Originator role and is not a part of the route map, the creator will still be able to see the requisition, but will not be able to approve/update it.

Keywords

Postman, OData API, API creation, job req form , KBA , LOD-SF-RCM-API , Webservices & APIs , Problem

Product

SAP SuccessFactors Recruiting all versions