Authorization field definitions.

An authorization field definition is a line (row) with different fields that makes a restriction unique together with the domain/task (column).
The authorization lookup is done based upon the fields and indicator restrictions. The lookup will determine a unique x:y location where x is the authorization field definition and y is the domain/task column.

Warning:
Don't forget to validate your authorization field definitions after creating and changing.

Note: The status of an existing codification row (field definition) is only placed invalidated when you modify field, module or the indicator restrictions in the codification sheet.

Authorization field properties

• General
  • Module: SAP module
    This is not used in the authorization lookup.
  • Field: authorization field, member of an authorization object (SAP security concept)
    A list of fields can be loaded in with the object data.
  • Description: authorization field description, this field is automatically filled in when the object data is loaded. You can either fill in the description (auto fills field) or fill in the field (auto fills description)
  • Objects: to make your restrictions more specific you can also restrict you fields for certain authorization objects. (default value is *)
  • Use field for audit: this will mark the field for export to CSI Authorization Auditor
    
  • Comment: this field can be used for additional comments.
• Role name indicators
  • Modules
  • Task codes
  • Actions
  • Extended 1
  • Extended 2

The role name indicators are restrictions placed for the authorization lookup that need to match your single role naming.

Note:
Some fields maybe inactive (not editable) due to concept configuration and/or role naming.

Adding new rows to a workbook

New rows can only be added to the main sheet, fill in the different authorization field properties and save the changes.

Tip:
If you want to copy/paste data into the workbook, make sure the lines are already present.
So if you want to add 4 new lines from an excel file:
- create 4 new lines first
- save them
- place your cursor on the first empty line
- paste the data from excel.

Removing rows

There is a difference between removing a row from the main sheet and removing a row from a sub sheet.

If you remove a row from a sub sheet, you only remove the link of that row to the sub sheet.

You can only remove a row if:

• There are no values anymore for that row.
• The row is not a member of a field group.

Tip:
You can bypass the values check by holding down the shift key while deleting.

This document is up to date with version 11.1.10.20 of CSI Accelerator