Skip to Content
Technical Articles
Author's profile photo Abhishek Sharma

ABAP RAP – Instance Authorization


In this beginner blog post we are going to see how we can use Authorizations (Instance Authorization) in ABAP Restful Application Programming Model.





Instance Authorization

Instance authorization is used for all authorization checks, in addition to the user role. With instance authorization, you can define authorization on a field or operation (UPDATE, DELETE). Instance authorization is only possible for instance-based operations.

Instance authorization is not available for CREATE operation.


Step 1

Add Instance keyword in Behavior Definition file.

Define Instance authorization in the behavior definition and implement it in the behavior implementation class



Step 2

Add method in Behavior Definition Implementation class.

Use quick fix option available to generate the method declaration for the authorization control in the behavior Implementation from behavior definition editor.


Got new method Definition, which is used to put custom code for Authorization Check


Step 3

Implement GET_INSTANCE_AUTHORIZATION method with below code.

REQUESTED_AUTHORIZATION is Importing parameter which identified which authorization control is requested by user.

In our demo scenario we have requested UPDATE or EDIT authorization.

RESULT parameter is available which must be filled with AUTHORIZATION result.


  METHOD get_instance_authorizations.

  DATA: update_requested type abap_bool,
        update_grtanted TYPE abap_bool.

    ENTITY Student
    FIELDS ( Status ) WITH CORRESPONDING #( keys )
    RESULT DATA(studentadmitted)
    FAILED failed.
  CHECK studentadmitted is not initial.
  update_requested = COND #( WHEN requested_authorizations-%update = if_abap_behv=>mk-on OR
                                  requested_authorizations-%action-Edit = if_abap_behv=>mk-on THEN
                                  abap_true ELSE abap_false ).

  loop at studentadmitted ASSIGNING FIELD-SYMBOL(<lfs_studentadmitted>).
    if <lfs_studentadmitted>-Status = abap_false.
        if update_requested = abap_true.
            update_grtanted = is_update_allowed(  ).
            if update_grtanted = abap_false.
                APPEND VALUE #(  %tky = <lfs_studentadmitted>-%tky ) to failed-student.
                APPEND VALUE #( %tky = keys[ 1 ]-%tky
                                %msg = new_message_with_text(
                                    severity = if_abap_behv_message=>severity-error
                                    text = 'No Authorization to update status!!!'
                ) to reported-student.


Testing Instance Auth. Implementation


Simulating IS_UPDATE_ALLOWED method for Authorization Object Check by returning ABAP_FALSE, which says Authorization check failed.



Run application and click on Set Admitted button.


Since the method IS_UPDATE_ALLOWED returned ABAP_FALSE, which is simulation for Actual Authorization Object returned ABAP_FALSE

Error message is displayed to user.



Previous Blog Post : Global Authorization in ABAP RAP






Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo DurgaPrasanth vemula
      DurgaPrasanth vemula

      Hi Abhishek Sharma,

      I am getting the below error.Is any thing i missed.


      The data object "REQUESTED_AUTHORIZATIONS" does not have a component called "%ACTION-EDIT".



      Author's profile photo Abhishek Sharma
      Abhishek Sharma
      Blog Post Author

      Hi Durgaprasanth,

      try to use auto suggest feature ( Carl + space ) to get


      Comment or share code if you still face issue.

      Hope this help…






      Author's profile photo Dhaval Patel
      Dhaval Patel

      Hi Abhishek,

      Thanks for such useful content.

      Even I am facing the same issue and even after pressing 'Ctrl + Space' unable to find 'Edit' option. Below is error faced.

      Error - The data object "REQUESTED_AUTHORIZATIONS-%ACTION" does not have a component called "EDIT".

      Am I missing something?

      @DurgaPrasanth vemula, were you able to solve?


      Dhaval Patel