Symptom
End users may have access to additional Employee Central data fields when using Onboarding or Latest People Profile.
Environment
SAP SuccessFactors Onboarding
Reproducing the Issue
Cause
Certain Employee Central API permissions are assigned to end-user roles.
Resolution
The following permissions are not recommended for assignment to end users:
- Employee Central Foundation SOAP API
- Employee Central Foundation OData API (read-only)
- Employee Central Foundation OData API (editable)
- Employee Central HRIS OData API (read-only)
- Employee Central HRIS OData API (editable)
These permissions should be restricted to technical users (such as integration or system users).
Review Role-Based Permissions (RBP) and remove the above permissions from all non-technical roles.
See Also
Keywords
onboarding 2.0, latest people profile, full profile, api permissions, rbp, employee central foundation odata, employee central hris odata, soap api, permissions removal, data exposure, end users, technical users, 1h 2026, profile visibility, regression testing , KBA , LOD-SF-OBX-EC , Integration EC - MPH, Hire , Problem
SAP Knowledge Base Article - Public