SAP Security: Authorization Concept
Authorization Concept in SAP System Authorization concept in the SAP system is all about protecting programs, transaction codes, reports and other services. Security Administrators/User Administrators assign any authorizations to users based on this concept. These authorizations determine what actions user can perform in the SAP system. Transactions or programs are protected by authorization objects, so user requires corresponding authorization objects for executing transactions or programs. Authorization profile is a combination of authorizations which is associated with the role. Role is assigned to users, so the user can then get access to the authorizations. Overview of the elements of SAP Authorization Objects 1. Authorization Object Class: It is a logical grouping of authorization objects. Example all authorization objects for class FI starts with “F_” and for class MM starts with "M_". 2. Authorization Object: It is a group of 1 to 10 authorization fields. Authoriz