on 06-20-2023 3:34 PM
Hi Experts,
How can I restrict access to the address and Bank details on Business Partner in Public cloud 3SL using the restriction object 'Sensitivity'?
Object SENSTVT description says- The address and bank that is marked as PROTECTED is considered sensitive.
Where can we maintain the 'PROTECT' field?
Please advise on this.
Thanks
Hi Team,
The protect field is only added for Employee BPs which are created via the available methods of creating employee BPs e.g. the Bank Data of the Employee BP is created via the SF integration or via the Manage Worker app then the PROTECT field will be filled with 'E',. Bank details added to an employee BP in S/4HANA Cloud itself will not have the PROTECT field filled. The PROTECT field is only added for Employee BPs which are created via the available methods of creating employee BPs e.g. the Bank Data of the Employee BP is created via the SF integration or via the Manage Worker app then the PROTECT field will be filled with 'E'. Bank details added to an employee BP in S/4HANA Cloud itself will not have the PROTECT field filled.
For non-Employee BP's (plus employee bank details created in S/4HC) there is also the following method.
If you refer to the following link https://me.sap.com/notes/3290012/E
Only the Business Partner Fiori Apps allow Bank Details to be hidden fully e.g. Manage Business Partner Master Data. The bank detials cannot be fully hidden in the BP GUI app called Maintain Business Partner Master Data
* For Employee BPs, access can be restricted using SENSTVT restriction.
Resolution
Assign the user the catalogue SAP_CMD_BC_BP_APP_MAINT_PC for access to the Manage Business Partner App
Set the "Country/Region Key of Bank" restriction type to be blank (no access) or set it to be "<Not maintained>"
The user assigned this will now be able to view BPs in the Manage Business Partner app but will not be able to view the Bank Data.
Using Manage Business Partners fiori app, it is possible to protect the Business Partner bank data and Address data for all BPs (it will not be visible) in that if you use the Business Partner Fiori Apps then the Bank Details can be hidden.
For example: Using the "Country/Region Key of Bank" restriction type, in that if you leave it blank (no access) or set it to "<Not maintained>" then users assigned this will not be able to view bank details in the BP Fiori Apps (Manage Business Partner Master Data / Manage Customer Master Data/ Manage Supplier Master Data). Please make sure this configuration has been maintained for the Country/Region Key of Bank field for all roles if multiple Business roles are assigned to Business users.
In the Maintain Business Partner, the Bank details and Address would not be hidden as the user cannot set Protected flag as it is not exposed in the UI.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Brad, thanks for the response above as I have the same situation here with the exception the client would like to have decentralised maintenance of suppliers/customers similar to ECC with MK and FK transactions. In respect to this the requirement is to enable the supply department to update address and purchasing data whilst restricting access to view/maintain bank data. The initial creation and maintenance of bank data for suppliers/customers is required to be restricted to the accounts/finance department. I have applied the restriction on the bank data above and it works as expected however, when trying to update address data with the restriction in place in ends in error "You are not authorized to create bank data for country/region ##".
Any advice would be much welcomed.
Cheers Bill
User | Count |
---|---|
97 | |
9 | |
9 | |
5 | |
4 | |
3 | |
3 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.