- SAP Community
- Products and Technology
- Additional Q&A
- [RAR] SAPGRC_AC_IDM_* Web Services
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
[RAR] SAPGRC_AC_IDM_* Web Services
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 11-05-2010 12:27 PM
Hi all,
I'm testing the SAPGRC_AC_IDM Web Services but unfortunately with no success.
Specifically the Web Services:
SAPGRC_AC_IDM_SELECTAPPLICATION
SAPGRC_AC_IDM_SEARCHROLES
For the first one, there is no mandatory field. The invocation is well performed, but with no results. I have checked the RAR Portal and the configuration is ok at the Systems Connectors configuration.
With the SearchRoles one occurs a similar problem. The invocation is done well but with no results. In this case, there are two mandatory fields (Application, AccessType)
In the Application Field I introduce the System Name configured at the RAR Connector Configuration and for the AccessType I have tried with Roles, Role, but It doesn't work anyway.
I have read the GRC Access Control Configuration Guide and the documentation is quite poor for the Web Services, also tried to look for documentation of these Web Service on the ES Workplace, but there is no documentation.
Has anyone of you performed a successful invocation of IDM Web Services?
Thanks in advance,
Toni
Accepted Solutions (1)
Accepted Solutions (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Toni,
All these web services are associated with CUP. You need to configure CUP for these web services to show you any result.
Regards,
Alpesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Alpesh,
I understand that CUP installation and configuration is necessary to call
the provisioning Web Services, like SAPGRC_AC_IDM_SUBMITREQUEST or SAPGRC_AC_IDM_RISKANALYSIS. Generally, all the Web Services that requires
a user provisioning action.
But for the Web Services SAPGRC_AC_IDM_SELECTAPPLICATION and SAPGRC_AC_IDM_SEARCHROLES there is no action required from CUP, it is
performed by GRC Access Control. The systems and roles are imported on AC
not in CUP (or on an IDM system if you want).
Are you really sure about the necessity of CUP configuration to run these
two Web Services?
At the SAP GRC Access Control 5.3 Configuration Guide I don't see anything
about this restriction.
Thanks a lot,
toni
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi,
I am 100% sure that the SAPGRC_AC_IDM_SELECTAPPLICATION and SAPGRC_AC_IDM_SEARCHROLES require CUP. These webservices look at the CUP database and will retrun you the result. AC 5.3 is just collection of RAR, CUP, SPM and ERM. AC 5.3 still requires you to configure all the modules separately.
If you still don't believe me, create one role and one conector in CUP and then call the above web services.
Regards,
Alpesh
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hello Alpesh!
I believe you, but for me it is hard to think that using just the RAR Module without CUP is it possible to import roles and implement the SoD Matrix according to the Roles.
Do you know if there is any table that mantain the role list? I have been querying the RAR tables with no success.
Thanks a lot!!
toni
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
koehntopp
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Frank,
Just trying to find the best method to retreive the role list and role description from GRC. In my case just RAR Module is installed and configured. The systems and roles have been imported to RAR.
Once realized that it is imposible to use the SAPGRC_AC_IDM_* Web Services will have to query RAR tables to get the role list.
Best regards,
toni
Answers (1)
Answers (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
We are having the same issue when testing SAPGRC_AC_IDM_SEARCHROLES in web service navigator. Do you know what the inputs are required on the wsbn screen.in addition to the tcode.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Integration of SAP Service and Asset Manager(SSAM) with SAP FSM to support S/4HANA Service Processes in Enterprise Resource Planning Blogs by SAP
- ABAP Cloud Developer Trial 2022 Available Now in Technology Blogs by SAP
- SAP Partners unleash Business AI potential at global Hack2Build in Technology Blogs by SAP
- Simplifying Employee and Manager Experiences with Employee Central Quick Actions in Human Capital Management Blogs by SAP
- It’s Official - SAP BTP is Again a Leader in G2’s Reports in Technology Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.