Authorizations Management

Authorizations Assistant

SUIM's Authorizations Assistant (AA) is a solution for automating and/or managing authorization problems. It simplifies unit testing by automatically creating delta roles based on failed authorization checks.

Our Solutions

Consultation Services

Solution is SAP certified - integration with SAP S4/HANA

Overview

SUIM's Authorizations Assistant enables you to resolve authorization errors such as "access denied", which are complicated and lengthy in the standard SAP case. AA simplifies traditional unit testing by automatically creating delta roles based on failed authorization checks. Based on a green list/red list, delta roles are automatically assigned to testers so they can continue testing without interruption.

With one click, the end-user sends all necessary information to the system when an access is denied. AA automatically enhances the role if predefined security criteria are met. If not, AA proposes a simple workflow where an Administrator decides whether or not to grant the user a role enhancement. For new authorization concepts, if authorizations are not transfered equivalently, AA automatically checks whether the user would have had the equivalent rights under the old concept and grants them (depending on predefined criteria) automatically. AA offers massive time savings when testing new systems, during system upgrades or when introducing new authorizations concepts.

‍

Efficiency

With SUIM's Authorization Assistant you accelerate authorization approvals enormously. End-users' productivity is boosted and administrators benefit from simplified authorization workflows. Automatic checks save valuable time, especially when testing new systems and changing authorization concepts.

Flexibility

Authorization Assistant allows you to flexibly configure your approval processes. AA automatically checks authorizations for new or changed systems and/or concepts, and adapts to your individual landscape.

Simplicity

Authorization Assistant greatly simplifies the process of obtaining additional authorizations for end-users. Instead of having to go through complex processes, end-users can request additional rights in just one click, while still sending all the relevant information. AA also provides a simple interface for your developers to review authorization concepts when testing systems.

compatibility

Authorizations related entitites

Authorization related entities represent elements of an IT solution/product that is delivered within this SUIM product and can be integrated for generation, administration, provisionning and/or monitoring purposes.

SAP Role

SAP ABAP Stack user

Identity related entitites

Identity entities represent reource-related elements (identity, organization, user) of a solution/IT product that can be integrated in this SUIM product for administration, provisionning and/or analysis purposes.

SAP Role

SAP ABAP Stack user

Integration with 3rd parties products

Third-party products corresponds to all SAP and non-SAP, on-premises or cloud IT solutions/products for which this SUIM product has been interfaced / integrated. Each of theses connectors will be delivered within this SUIM product

SAP ABAP Stack

Integration in other SUIM products

The other SUIM products are the other SUIM modules, which are not part of this solution, but for which integration adds value.

Compliance Enforcer

TOP 5 Features

How to test a new authorizations concept

With new authorizations concepts, the authorizations are not transferred equivalently. If an authorization error occurs during tests, AA automatically checks whether the user would have had the equivalent rights with the old concept and grants them or not (depending on predefined criteria) either automatically or within a workflow decision, allowing the tester to continue his tests.

Central overview of all authorization errors in the landscape

The Authorization Error Cockpit gives you a powerful insight into the areas where many authorizations were requested.

Red List

List of red-listed authorizations can be defined to signal if an authorization is missing and if it should be assigned or ignored.

Risk violations before enhancing a role

Risks can be defined (for example Critical Authorizations, Critical actions or SOD violations). A risk violation can prevent automatic role enhancement

Customization wizard and permission optimization

An intuitive customizing workspace for configuring AA is included. The content of your authorization templates can be optimized based on your role content.

Reference user or role-based

When you go live with a new role concept, a reference user can be used to assign authorizations from the old concept as needed. This ensures a smooth go-live, as no authorization errors occur. If permissions are missing, AA automatically creates a role, following your naming conventions and takes into account red lists.

Specially designed help to test your processes

Automatic assignments mean that testing is never hindered by authorization errors.

Authorizations workflow(s)

In case of authorization problems, AA can scan the authorizations in a reference concept automatically or on request. If the user had the missing authorizations in the reference concept and this authorization is not in red-listed, AA sends an event. In response to this event and depending on the configuration from the AA, the addition of this object is done automatically or via workflow.

Discover SAP services and solutions tailored to your business needs.

With dozens of tools at your disposal, we customise a best-fit solution to meet your business’s needs. Request a consultation with our expert team today.

Read Article