Skip to Content

Reporting Authorizations in SAP BW

Creating Authorization in BW System

Steps for creating authorization

RSD1-To maintain info object authorization relevant.

PFCG – To maintain roles

RSECADMIN – To maintain analysis authorization and role assignment to user

1. Make a variable authorization relevant.

2. Create roles.

3. Create BI Analysis Authorization.

1. Make a variable authorization relevant

Go to RSA1 select info object target and go to business Explorer and check the box for authorization relevant 

2. Create BI Analysis Authorization

Use transaction RSECADMIN




Give the name for the authorization and click create

Give the short text

Below characteristics are mandatory while creating authorization object.

1. 0TCAACTVT: This characteristic handles the general activity like create, change, display etc.

2. 0TCAVALID: This characteristic handles the authorization for Info Provider by default it gives access to all the Info Providers i.e. full access. We can restrict authorizations for particular Info Providers using this characteristic.

3. 0TCAVALID:  This characteristic handles the validity of an authorization. Always valid (*) is set as the default for validity. You can restrict this validity. You can also specify a single value or an interval.

Insert new row and add the dimension and give a value

  1. For giving values double click the intervals cell


Add a row and give the value depending upon the requirement

Save the authorization

3. Creating the role

Select user tab

Select Role maintenance

Give the role name and select either single role or composite role (in my case I selected single role)

Select menu tab

Select transaction

Give the transaction to be allowed

Ex- RSRT – Query monitor

Select Authorization Tab

Add the authorization created to S_RS_AUTH

Generate then Save

Select the user tab

Add the users which has the role

Then do user comparison

Creating Authorization variable

Open query designer

Creating authorizing variable

In Query Designer Put the authorization variable under filter panel.

Checking the authorization

Go to the analysis tab -> select execute as -> give the user (EX – RETUSER1) -> select with log

Select start transaction -> select the authorization query -> execute

Then run as the user to which role was assign then run the query

Query display as HTML

Now check the below out only for the RUKSHAYA



You must be Logged on to comment or reply to a post.