3683063 - How to Review Onboarding User Permissions

• Is it mandatory to provide below permissions for the candidate to appear in MPH? 
  • Employee Central Foundation SOAP API
  • Employee Central Foundation OData API (read-only)
  • Employee Central Foundation OData API (editable)
• In the Latest People Profile – Full Profile, more fields are visible to the user than expected. 

SAP SuccessFactors Onboarding

In early releases of SAP SuccessFactors Onboarding this set of permissions was needed to view the new hire data in Manage Pending Hire. However, these permissions are no longer required for Onboarding. Please review your permission roles and remove these permissions from the Onboarding end-user roles. They are intended only for technical users for integration purposes, as highlighted in https://me.sap.com/notes/3594795. 

Permissions to Check

Under Employee Central API, the following permissions should NOT be granted to end users:

• Employee Central Foundation SOAP API
• Employee Central Foundation OData API (read-only)
• Employee Central Foundation OData API (editable)

Why This Matters

If these permissions are granted to end users:

• When migrating to Latest People Profile – Full Profile, more fields will be visible to the user than expected, which can lead to data exposure risks.
• These permissions were previously needed for Onboarding but are now only required for technical users managing integrations.

Key Actions needed at your end

•   Audit your Onboarding permission roles.
•   Remove technical API permissions from end-user roles.

Important Update: Review Onboarding User Permissio... - SAP Community

Employee Central Foundation SOAP API, Employee Central Foundation OData API (read-only), Employee Central Foundation OData API (editable), MPH, Onboarding, Latest people profile, Full profile, Fields visible, Fields not respecting permissions, EC.  , KBA , LOD-SF-OBX-EC , Integration EC - MPH, Hire , How To