Authorisation (Roles design)

The authorisation concept and approach varies considerable between different organisations.

Promenta provides the information below as a guide only – the organisation must review their specific approach and adapt as required.

Below are a set of “user-types” that would be required in a typical implementation. Some groups may be combined depending on specific requirements

For more information on individual transactions please search via transaction code.

NOTE : Along with the mentioned Promenta transactions some SAP transactions may also be required such as SM30, SE16 etc depending on the use-case.

Requesters/Initiators

User Type description : These users start requests via the web interface (only). The enter data and submit requests for approval. SAPGui access is not required

SAPGui access : not required
Transactions : none

Approvers/Validators


User Type description : These users approve or validate a request. They access the request via their Inbox or email links. They only see request that have been specifically to routed to them. They cannot check the status of other requests.

SAPGui access : not required
Transactions : none

Team Leaders/Process owners

User Type description : These users need to monitor the requests that are in the system. They may be monitoring for their team or for all requests. They may want to check status of requests.
The team leader may want to cancel requests, redirect requests to other approvers or open requests to view content.
The team leader is able to assign users to the approval hierarchy

SAPGui access : Yes
Transactions :

/PROMENTA/WS_AGE_REP  Ageing report  This report shows the current and historic requests and the corresponding status. No changes are possible. Detail about each request is also available 
/PROMENTA/WFRM_ANYSR Analyser This report shows current status and enables changes such as request cancellation, request forwarding and opening requests in display-mode. This is a powerful transaction and should be assigned with caution.
 /PROMENTA/WF_RESP_01  Workflow responsibility Several detail transactions are available – please refer to detailed documentation
This transaction enables the user to attach users (approvers) into the approval matrix. Changes to the matrix structure are not possible.

Configuration team

User Type description : These users make settings changes to the solution and also configure the approval matrix. These changes are only made in development systems.

SAPGui access : Yes
Transactions : 

/PROMENTA/DEC_TREEV3   Decision Tree   This tool is used to configure the settings for most Promenta solutions. Additional SAP authorisations such as ability to save to a transport are required
 /PROMENTA/WFCP  Promenta workbench  This tool allows testing of requests and some changes of parameters.

Support team (Level 2 )

User type description : These users are in second line support and receive problem tickets and incidents to resolve. 
They would use a range of standard SAP transactions for checking aspects of the SAP system such as workflow, basis etc

SAPGui access : Yes
Transactions : 

/PROMENTA/DEC_TREEV3   Decision Tree   This tool is used to configure the settings for most Promenta solutions. In production it would be used in a display-only way.
 /PROMENTA/WFCP Promenta workbench  This tool allows testing of requests and some changes of parameters.

/PROMENTA/WFRM_ANYSR Analyser This report shows current status and enables changes such as request cancellation, request forwarding and opening requests in display-mode. This is a powerful transaction and should be assigned with caution.
 /PROMENTA/WF_RESP_01  Workflow responsibility Several detail transactions are available – please refer to detailed documentation
This transaction enables the user to attach users (approvers) into the approval matrix. Changes to the matrix structure are not possible.
 /PROMENTA/WSFI_BDCER  Update error analysis  This tool enables the user to view the data used to update SAP in the case of update issue.

System/Service users

Some solutions use a service SAP account to perform updates (post journals, update vendors etc). This enables the underlying transactions such as FB01, XK01 etc to be removed from end-users

If your scenario requires a service user then that use will need to be setup with all the authorisations to perform the update tasks – for example in the Journals process the user would need access to FB01 and all company codes etc.

Basis team for Installation process

Please review the install guide. All required transactions are mentioned there. The installation guide is updated regularly.

Scroll to Top