If you have requirements that cannot be met using the P_ORGIN and P_ORGXX authorization objects, you can include an authorization object in the authorization checks yourself. Ffor example, you want to build your authorization checks on additional fields of the Organizational Assignment infotype (0001) that are customer-specific,
Create the authorization object using transaction SU21, making sure you keep to the customer name range (Z/Y). To be able to use the new authorization object you created in the master data authorization check, the object must contain the INFTY, SUBTY, and AUTHC fields. You can use any other fields of the Organizational Assignment infotype (0001) as the other fields. You can also use customer-specific additional fields provided they are CHAR or NUMC type fields.
After you have created the object, you must start the report RPUACG00. This report overwrites the MPPAUTZZ standard include with the code that is needed to evaluate the authorization object you created. Note: Technically speaking, this involves a modification. However, SAP fully supports this procedure. You should not have more maintenance work as a result of this modification.
If you use customer-specific authorization objects, you must maintain these objects in transaction SU24 (Maintain Assignment of Authorization Objects to Transactions) in the same way as you maintain the authorization objects P_ORGIN, P_ORGXX, and P_PERNR.