| Authorization object | Authorization field 1 | Value 1 | Authorization field 2 | Value 2 | Roles assigned | Description |
|---|---|---|---|---|---|---|
|
/DVD/DF_AC |
/DVD/DF_ACT |
CREATE / EDIT / DELETE |
/DVD/DFCOM |
DI |
A, L |
Create, edit or delete data ingestion run |
|
|
|
CREATE / EDIT / DELETE / RELEASE |
|
LH |
A, L |
Create, edit, delete or release legal hold |
|
|
|
EXECUTE |
|
AD |
A, U |
Execute attachment download |
|
|
|
|
|
DB |
A, L, U |
Execute data browser |
|
|
|
|
|
DD |
A, U |
Execute mass download |
|
|
|
|
|
TM |
A, L |
Execute table maintenance |
|
|
|
|
|
DT |
A, L |
Execute data tagging |
|
|
|
|
|
WDB |
A, L, U |
Execute web-based data browser |
|
|
|
DELETE |
|
BO |
A, L |
Delete business object |
|
|
|
EXECUTE / DISPLAY |
|
RM |
A |
Display or execute retention management |
|
/DVD/DF_OA |
/DVD/LOGS |
<Logical system ID> |
/DVD/BO |
&business object& |
Customer-specific |
Granular access limitation for business object (in browser, mass download, etc.) |
|
/DVD/DF_DP |
/DVD/GRP |
<Group of field IDs> |
- |
- |
Customer-specific |
Group of fields that are considered GDPR-sensitive, but certain users can see their content (e.g. auditors) |
|
/DVD/DF |
DVD_AUTHGR |
<Group of record IDs> |
- |
- |
Customer-specific |
Granularity at the level of records in a table. Limited access to data in the data browser |
SAP authorization objects used in SNP Outboard™ Datafridge:
Background processing:
Assigned to: A, L
File access (for reading/writing CSVs/XML):
Assigned to: A, L, U
Export to CSV:
Assigned to: A, L, U
DBA Cockpit display:
Assigned to: A, L
Create, edit or delete ABAP code/tables:
Assigned to: A, L (only tables)
Debugging:
Assigned to: A
Read application logs:
Assigned to: A, L
