Explaining Administrator Permissions and Levels

Administrators can grant employees access to all or some administrative tools by granting full or partial administrative functions.

For example, if your company has remote offices, you can allow the regional onsite manager to reset employee passwords. There are several permission sections, each with a set of permissions. You can grant multiple employees administrative permissions for the entire section. Manage User is an example of an Administrator Permissions section.

Employees with administrative privileges have the Admin Center option in the Main Navigation drop-down menu. The Admin Center page only shows active links to administrative features for which the employee has permission.

You can also use administrative permissions to set granular control over administrator user access. This feature is ideal for companies with independent business structures where administrators are generally responsible for managing the system at only the region or division level. You can assign administrators to manage only a selected user population and only a selected group of administrator functions.

This approach creates three levels of administrators: Super Administrator, Security Administrator, and Administrator.

A super administrator is created in Provisioning, the back end of the SAP SuccessFactors system. The super administrator generally acts like a global administrator for your SAP SuccessFactors system, with full access to administrator activities and full access to manage Role-Based Permissions. Only a super administrator can make other users security administrators.

Security administrators are also global administrators responsible for managing permission roles and groups in the RBP framework. These administrators can grant users access to functionality in the Admin Center or general user pages.

An administrative user in SAP SuccessFactors Employee Central is a local user with access to the Admin Center and the functions therein.

Groups and their corresponding permissions are automatically updated when changes occur. For example, if you have assigned an administrator to oversee all departments in the company, and next month, the company adds a new department (Department X), your administrator automatically gains access to Department X because it is within his assigned group. (Previously, changes like this would have to be manually updated, meaning you would have to manually give each administrator permission to access the new Department X.)