Required permissions
To use SAP OData as a source in a Qlik Replicate task, the following authorizations are required.
OData user authorizations
To use a single SAP Gateway framework or application services, the user role needs to have the corresponding authorizations. The proposals can be found in transaction SU22.
In the SAP Gateway hub system, the repository objects are R3TR IWSG and R3TR IWOM.
In the SAP Business Suite backend system, all authorizations are collected in the repository object R3TR IWSV.
In addition to the authorizations maintained in the SU22 proposal, the role needs to have the authorization object S_SERVICE assigned with the following specifications. This is a service allowing exploration of the framework or application services exposed by the SAP Gateway framework.
| Type of Application: | TADIR Service |
|---|---|
| Program ID: | R3TR |
| Object Type: | IWSG or IWSV |
| Object Name: | /IWFND/SG_MED_CATALOG |
For more information, see Roles in the SAP Gateway Landscape.
Data objects
| Authorization object | Field name | Value | Activity |
|---|---|---|---|
| S_RS_ADSO | RSINFOAREA | * | 23 |
| RSOADSONM | * | ||
| S_RS_COMP | RSINFOAREA | * | 23 |
| RSINFOCUBE | * | ||
| RSZCOMPTP | * | ||
| RSZCOMPID | * | ||
| S_RS_COMP1 | RSZCOMPID | * | 23 |
| RSZCOMPTP | * | ||
| RSZOWNER | * | ||
| S_RS_DS | RSDS | * | 23 |
| RSDSPART | * | ||
| RSLOGSYS | * | ||
| S_RS_HCPR | RSINFOAREA | * | 23 |
| RSHCPR | * | ||
| RSHCPROBJ | * | ||
| S_RS_HYBR | RSHYBRPROV | * | 23 |
| RSHYBROBJ | * | ||
| S_RS_ICUBE | RSINFOAREA | * | 23 |
| RSINFOCUBE | * | ||
| RSICUBEOBJ | * | ||
| S_RS_IOBJ | RSIOBJ | * | 23 |
| RSIOBJCAT | * | ||
| RSIOBJPART | * | ||
| S_RS_IOMAD | RSINFOAREA | * | 23 |
| RSAPPLNM | * | ||
| RSIOBJNM | * | ||
| S_RS_ISET | RSINFOAREA | * | 23 |
| RSINFOSET | * | ||
| RSISETOBJ | * | ||
| S_RS_MPRO | RSINFOAREA | * | 23 |
| RSMPRO | * | ||
| RSMPROOBJ | * | ||
| S_RS_ODSO | RSINFOAREA | * | 23 |
| RSODSOBJ | * | ||
| RSODSPART | * | ||
| S_RS_ODP_H | RSODPHNAME | * | 23 |
| RSODPHPKG | * | ||
| S_RS_ODSV | RSFBPNAME | * | 23 |
| RSFBPOBJ | * | ||
| RSINFOAREA | * | ||
| S_RO_OSOA | OLTPSOURCE | * | 23 |
| OSOAAPCO | * | ||
| OSOAPART | * |
Other
| Authorization object | Field name | Value | Activity |
|---|---|---|---|
| S_ADMI_FCD | S_ADMI_FCD | PADM, ST22 | |
| S_ADT_RES | URI | /sap/bc/adt/* | |
| S_DEVELOP | OBJTYPE | DEBUG, ST22 | 03 |
| S_TCODE | TCD | ST22 | |
| S_BTCH_ADM | BTCADMIN | Y | |
| S_BTCH_JOB | JOBACTION | RELE | |
| JOBGROUP | * | ||
| S_BTCH_NAM | BTCUNAME | BWREMOTE | |
| S_DMIS (Only required when replicating from an SLT Replication Server) | MBT_PR_ARE | SLOP | 03 |
| MBT_PR_LEV | PACKAGE |
To add OData services to the role:
- In the Role Maintenance transaction (PFCG), edit the role.
- On the Menu tab, open the [+] menu for adding objects. Choose the object type Authorization Default.
- In the TADIR Service field, locate the OData service name.
- Copy the service to the Menu tab.
- Select SAP Gateway: Service Groups Metadata (for metadata).
- In the TADIR Service, locate the OData service name.
- Copy the service to the Menu tab.
- Repeat steps 1-7 for all services.
- Add /IWFND/SG_MED_CATALOG to the role (for services catalog browsing), by following steps 5-7.