Skip to Content

New in CRM 7.0: Territory based Authorizations

One of the objectives of territory management in SAP CRM is to enable optimized information flow in an organization. For example, when an opportunity or a lead gets created, it is important that the opportunity / lead reach the right set of individuals within a stipulated time frame. This not only gives an organization the edge over the competition but also gives the sales reps more time to better understand the customer needs to come up with a winning solution and close the deals. In short, the need of the hour is to ensure that the information reaches the right destination in time.

An effective way of achieving this optimized information flow within organizations is territory based authorizations in SAP CRM 7.0. Territory based authorizations, when switched on, ensure the alignment between the account, products and employee responsible of a document based on territory management. Thus territory acts like a central reference point and helps users ensure that a document created for an account or a product is assigned to the right employee responsible. These authorizations are controlled at the transaction type level.

At a transaction type level, the territory based authorizations can be switched on / off. When switched on, the system ensures that the account and products assigned to a document are in the scope of the territory (that is assigned to the document). Further, it also ensures that the employee responsible of the territory is assigned as the employee responsible to the document. In case of a mismatch, the user is notified through error messages.  By default, when these authorizations are switched on at a transaction level, the validations are switched on for both the header level and the item level. However, if not desired, the item level authorization checks can be switched off.

The transaction level territory based authorizations can be switched on in the following IMG customization: IMG > CRM > Transactions > Basic Settings > Define Transaction Types.

  1. Open the Transaction type for which the authorizations are to be switch on
  2. Select the Territory Check option (highlighted in blue in image below)in the general section.

With this simple step, you have enabled territory based authorizations.

Territory Check

If the territory based authorizations are required only at the header level of a transaction type and not at the item level, these authorizations can be switched off at the item level at the following IMG customization: IMG > CRM > Transactions > Basic Settings > Define Item Categories.

  1. Open the Item Category type for which the authorizations are to be switch off
  2. Select the “Territory Check Not Required” option (highlighted in blue in image below) in the general section.

Territory Item Check

Now, let us look at how these territories based authorizations work. Consider a scenario where the system is configured to default the current user as the employee responsible for a new document. In this case, territory determination for the document is based on the employee responsible. When a user is creating a new document, the system will determine all the territories for which the current user is the employee responsible. In case multiple territories are found, the user is asked to choose from the list of territories. If only one territory is found then it is assigned to the document. Further, when the user assigns accounts or products to the document, the respective search helps default the territory ID as a search criteria, thus forcing the user to choose an account, product from that territory. In case the user selects an account or a product from a different territory, the system raises an error message. While this is a sample scenario, these authorizations work for other configurations such as determining employee responsible from territory as well.

If ensuring alignment between the account, the product, the territory, and the employee responsible is one side of the story, then the other side is to ensure which users have access to what territories. By default all users have access to only those territories to which they have been directly assigned as the employee responsible. In addition, if there are any child territories to the employee’s territory, then the user would have access to the child territories as well.

There can be exceptions to this and the exception can be introduced by setting a user parameter, CRM_TERR_SCOPE (in transaction SU3), value to “02” or “03”.

  • A “02” value gives a user the default access and access to all the territories of the employees that report into him / her as per the org model.
  • A “03” value gives unrestricted access to the user to all the territories. This shall be granted to administrators or special users.

Thus territory based authorizations can be implemented in SAP CRM 7.0 to ensure optimized information flow in an organization. 

You must be Logged on to comment or reply to a post.
  • nice blog!

    I have not had the chance yet to set it up myself, but it looks as a nice feature for some of my customers.

    kind regards
    davy pelssers

  • Hi Kranti,

    It is a nice feature of CRM 7.0, but I was looking for a way on how to control access to Opportunities and Leads by Territory. I don't think this Territory check on the transaction customizing nor setting on the user will do this trick.

    I beleive the only way to do it would be by using standard authorization objects.
    Do you agree?

    Thank you,