SAP PO – Authorities Roles

SAP PO-Tips & Troubleshooting, SAP Process Orchestration One comment

Hi buddies,

When we start work with SAP PO, we need create account and grant permission to users

User roles can be:

1- SAP Process Orchestration Administrator role
2- SAP Process Orchestration Developer and Support role
3- Integration account

In this article, i will show you detail of roles you need consider when create user to access SAP Process Orchestration system. To reduce security risks.

2019-06-19_123538

1- Administrator roles

Administrator user roles allow SAP PO consultant manage SAP PO system, integration objects and system parameters setting.
NWA_SUPERADMIN
SAP_SLD_CONFIGURATOR
SAP_XI_ADMINISTRATOR_J2EE
SAP_XI_ALERT_CONSUMER
SAP_XI_ALERTCONF_DISPLAY_J2EE
SAP_XI_APPL_SERV_USER
SAP_XI_CONFIGURATOR_EXT_J2EE
SAP_XI_CONFIGURATOR_J2EE
SAP_XI_DEVELOPER_J2EE
SAP_XI_DISPLAY_USER_J2EE
SAP_XI_ID_SERV_USER
SAP_XI_IR_SERV_USER
SAP_XI_IS_SERV_USER
SAP_XI_MESSAGE_MODIFY
SAP_XI_MONITOR_J2EE
SAP_XI_RWB_SERV_USER
SAP_XI_SUPPORT_J2EE
SAP_XI_BPE_ADMINISTRATOR_J2EE
SAP_XI_BPE_MONITOR_J2EE
SERVICES_REGISTRY_READ_ONLY
SAP_XI_API_DEVELOP_J2EE
SAP_XI_API_DISPLAY_J2EE
Administrator
pcd:portal_content/adminstrator/super_admin/super_admin_role
SAP_SLD_DEVELOPER
SAP_SLD_ADMINISTRATOR
SERVICES_REGISTRY_READ_WRITE
SAP_XI_CONTENT_ORGANIZER_J2EE
SAP_XI_CMS_SERV_USER
SAP_XI_CMS_SERV_USER UDDI_Admin

2- Developer and Support roles

Developer user roles allow SAP PO Developer build integration objects
NWA_READONLY
SAP_SLD_CONFIGURATOR
SAP_XI_ADMINISTRATOR_J2EE
SAP_XI_ALERT_CONSUMER
SAP_XI_ALERTCONF_DISPLAY_J2EE
SAP_XI_APPL_SERV_USER
SAP_XI_CONFIGURATOR_EXT_J2EE
SAP_XI_CONFIGURATOR_J2EE
SAP_XI_DEVELOPER_J2EE
SAP_XI_DISPLAY_USER_J2EE
SAP_XI_ID_SERV_USER
SAP_XI_IR_SERV_USER
SAP_XI_IS_SERV_USER
SAP_XI_MESSAGE_MODIFY
SAP_XI_MONITOR_J2EE
SAP_XI_RWB_SERV_USER
SAP_XI_SUPPORT_J2EE
SAP_XI_BPE_ADMINISTRATOR_J2EE
SAP_XI_BPE_MONITOR_J2EE
SERVICES_REGISTRY_READ_ONLY
SAP_XI_API_DEVELOP_J2EE
SAP_XI_API_DISPLAY_J2EE
SAP_XI_CMS_SERV_USER

3- Integration account roles

Integration account use used for legacy system call SAP PO API like SOAP | REST Webservices
SAP_XI_ID_SERV_USER
SAP_XI_IR_SERV_USER
SAP_XI_IS_SERV_USER
SAP_XI_RWB_SERV_USER

Grant permission step by step

Step 01: Access SAP PO Server and User Management

Access your PO Server: http://hostname:port/startPage then select “User Management

Step 02: Create new user account

Step 03– Grant permission

Thanks for your attention

Cuong Dang

One comment

  1. Pingback: [SAP PO] – IDOCs don't record in IDOC Adapter Monitoring – SAP Zero to Hero

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.