/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PublicSymptom
The functionality “Restrict employee data access based on responsibility period for managers” released does not limit visibility to the responsibility period.A manager can still view the complete job information history of an employee after the manager’s responsibility period has ended.
Environment
SAP SuccessFactors Employee Central - Job Information
Reproducing the Issue
- Login as a manager role who previously managed a given employee for a specific period.
- Search for the employee.
- Navigate to Job Information and open the history.
- Observe that the manager can view the full history instead of only entries within the responsibility period.
Cause
There is a Role-Based Permission (RBP) configuration conflict: the manager is receiving the “Job Information actions → View current” permission (and potentially other Job Information permissions) through an additional role with a broader target population—such as “all users”—which includes the manager’s direct reports. This broader assignment overrides the intended responsibility‑period restriction. Any additional or overlapping role assignments containing these permissions prevent the restriction from being enforced.
Resolution
The engineering team will work on a permanent fix for the same under enhancement ECT-269782. This document will be updated as soon as a fix is planned.
Workaround:
- Identify all RBP roles assigned to the manager that grant Job Information permissions, especially “Job Information Actions -> View Current and View history” and "Personal Information Actions -> View Current and View history"
- Ensure that “Job Information Actions/ Personal Information Action -> View current” and “View history” for managers are granted only via one role whose target population is limited to the manager’s direct reports (n-1).
- Remove or disable any duplicate “Job Information actions -> View current” (and related Job Information permissions) from other roles with broader target populations (for example, public/all users) that include the manager’s direct reports.
- Alternatively, adjust the target population of broader roles so they explicitly exclude the manager’s direct reports.
See Also
- SAP SuccessFactors Product Release & Road Map Information
- SAP SuccessFactors Patches Knowledge Base
- KB Article 2171560 - How to be notified of new or updated SAP Notes or KBAs.
- Restrict Employee Data Access to Authorized Managers
- How to Restrict Access to Employee Data Based on Responsibility Period
- 2453406 - Access is provided instead of restriction - Role Based Permission
Keywords
INC22459867, ECT-269782, responsibility period, manager restriction, job information history, view current, view history, RBP, role-based permissions, public role, target population, direct reports, n-1, full history visible, 2H 2025, employee central, authorized managers , KBA , LOD-SF-EC-RBP , Roles & Permissions (EC Core only) , LOD-SF-EC-JOB , Job Information , LOD-SF-EC-JOB-RBP , Job Information Role-Base Permissions , Problem
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)