How to create an authorization class / object
For add-on application, user-exits or customer specific developments
it is sometimes required to create a customer specific authorization object.
It is always recommended to also create a customer specific authorization
class where the corresponding objects are later then assigned to.
Call transaction SU21.
Create the object class by pushing the button
and selecting Object class
.
When saving the maintained information a package needs
to be selected to which the authorization class is to be assigned to.
The authorization required to be able to maintain a class / object includes:
S_DEVELOP with ACTVT 01, the package to which the class is supposed to be assigned, object type SUSO [authorization objects] and object name [can be generic].
After the class is created push the button
again and select Authorization Object.
The object name and a self-explaining text are to be added.
After that the authorization object fields are to be determined together
with the permitted field values.
Do not forget to maintain the object description.
&DEFINITION&
This is an authorization object for …
&FIELDS&
The field ACTVT based on table TACT defines
what activities maybe performed.
Authorization fields can be created with transaction SU20.
Define the Field Name, add the Data element, and the Search Help for the corresponding values in the profile generator.
The Use in Authorization objects is populated from transaction SU21
when the field is actually assigned to an authorization object.
Note_03_10_How_to_create_an_authorization_object.pdf [1]