Administering Embedded Analytics

Embedded Analytics has three user types: Administrator, Author, and Viewer.

Administrators can create, edit, and share stories, as well as create and manage users.

Authors can create, edit and share stories.

Viewers can only view stories and cannot edit or create them. However, since stories can be dynamic, viewers can apply filters, change the format of charts and tables, and save those changes to a static file such as a PDF.

Users are created and managed using Single Sign-On for Sales Performance Management. This is done in the SAP Identity Authentication Service and SAP Identity Provisioning applications.

While creating users in Identity Authentication, you must ensure that the Login Name is the same as the userid of the participant in Incentive Management. If these values do not match, no data will be displayed in Embedded Analytics stories.

Once you have created users, associate each user with the Application user group for Embedded Analytics, APP_SCAN. Then, add users to one of the following Authorization user groups, depending on which role the user will have.

• ADMINISTRATOR_COMM-SCAN - corresponds to Embedded Analytics administrator

• AUTHOR_COMM-SCAN - corresponds to Embedded Analytics author

• AUTHENTICATED_COMM-SCAN - corresponds to Embedded Analytics viewer

The following image shows a user named Paula Wolf who should have administrator rights. She is assigned to APP_SCAN to grant access to the application, and ADMINISTRATOR_COMM_SCAN to designate her account as an administrator.

To ensure data security, the default user access to data is set to "none". This means that even if a user has Administrator or Author permissions, unless they are granted the data level access they need, they will not be able to see any data in their stories.

Administrators with the correct permissions can grant data level access in the Embedded Analytics Configuration application.

To set data level permissions:

1. From the application menu, select Embedded Analytics configuration.
2. Select User Settings.
3. Select a user from the list.
4. Select Set Permissions.
5. Select a permission type from the list.
6. Select Save.

The data level permissions types include:

• Business Units: This user can see data only in the business units to which they are assigned.
• Position Groups: This user can see data only in the position group(s) to which they are assigned.
• Positions: This user can see only data for their position and any positions below them in the hierarchy.
• All: This user can see all data.
• None: This user can see no data.

In addition to the stock data models, embedded analytics allows you to create custom data models. This is done by allowing an administrator to upload custom code on a new landing page.

When a user logs in to embedded analytics, the landing page is determined by the type of user. Administrators are taken to the Embedded Analytics Configuration page, while authors and viewers are taken to the main SAP Analytics Cloud page.

The Embedded Analytics Configuration page has two tabs: File Manager and Data Model Permissions. On the File Manager tab, the administrator can create or update a CSN file that contains the metadata for all the custom models available in the environment. The easiest way to do this is to download the existing CSN file and make the necessary edits. Documentation on creating and editing the CSN file can be found in the online help.

Once the CSN file has been created or edited, the Data Model Permissions tab allows the administrator to determine which user types can access the data model. Only administrators and authors can be granted access to data models as viewers cannot create stories.