Getting Started with Administration

Objective

After completing this lesson, you will be able to maintain super admin, security admin, and module admins.

Administrators

SAP SuccessFactors offers different levels of administration to manage the amount of control each user has in the system. There are three basic levels of system administration:

  • Super Administrator

    The Super Administrator is created in Provisioning. This administrator grants permission to others so that they can become a Super Administrator, Security Administrator, or a regular administrator.

  • Security Administrator

    The Security Administrator is responsible for managing all security through roles and permission groups in the Role-Based Permission framework.

  • Administrator

    An administrator is a user who has access to the Admin Center page in SAP SuccessFactors.

When the Super Administrator logs in for the first time, only one link on the Administrator Permissions page is visible. This is Manage RBP Admin and Super Admin Access. Choose the link to assign an employee the permission to function as a Security Administrator.

User Permission Settings

The Set User Permission area displays the tasks that you can use.

Role Based Permission Access Management

Manage RBP Admin and Super Admin Access

To access the features Manage Permission Groups, Manage Permission Roles, andRBP Troubleshooting, users must at least be granted the permissions View Group and View Role from the tool Manage RBP Admin and Super Admin Access available from theAction Search. If they also should be able to changePermission Groups and Permission Roles, users must be granted the permissions Edit Group and Edit Role from the feature Manage RBP Admin and Super Admin Access available from the Action Search.

You can also use the Manage RBP Admin and Super Admin Access admin tool to manage both Role-Based Permissions (RBP) admins and super admins directly in the system. You can add, modify, or remove super admin access as needed.

OptionsDescriptions
Allow Access to Manage Provisioning Access PageIf selected, the admin user can access the Manage Provisioning Access page. This option is enabled automatically when you select Super User for the user.
Allow Access to This PageIf selected, the admin user can access this Manage RBP Admin and Super Admin Access page.
Super AdminIf selected, the admin user has super admin access to your system. Enabling this option automatically enables the Allow Access to Manage Provisioning Access Page option for the admin user.
View GroupIf selected, the admin user can view permission groups.
View RoleIf selected, the admin user can view permission roles.
Edit GroupIf selected, the admin user can edit permission groups.
Edit RoleIf selected, the admin user can edit permission roles.

When selecting Add User and granting the permission, the new user will be in the list with the permissions "Edit Group" and "Edit Role" box checked.

If you select the check box for Allow Access to This Page, then the users will be able to add or remove other users from the group with access to the feature. As a security precaution, the recommendation is to have at least two users with access to this page.

The Super admin is not able to uncheck their own access to the page (since it will forbid them to view this page, thus not able to grant the access back). The checkbox needs to be always checked and not able to change (marked in gray).

For permission role changes that impact a large number of access users, you can enable double-confirmation popups and e-mail notifications for administrators. You can also set a threshold for triggering these notifications. For example, you can set the threshold to 80%, and notifications will be triggered if 80% or more employees are impacted by a permission role change.

RBP Notification Settings

Increased Access Granularity for RBP Administrators

You can manage RBP administrator access under Admin Center Manage RBP Admin and Super Admin Access. Existing RBP administrators have both the Role-Based Permission Admin (View) and the Role-Based Permission Admin (Edit) access by default. You can review and update their access accordingly.

Some RBP administrators only need view access but not edit access.

Roles and Responsibilities of an SAP SuccessFactors System Administrator

Different SAP SuccessFactors administrators have different roles and responsibilities.

System Owner or Advocate

The following responsibilities are relevant to the system owner or advocate:

  • Primary contact between system users and other internal systems
  • Primary contact between users and the system
  • Stay current with all updates to system functionality
  • Communicate with and recommend business processes to the company owners

System Administration

The following responsibilities are relevant to system administration:

  • Management and oversight of user information (for example, data imports, passwords, and notifications)
  • Management of user permissions and privileges
  • Management of forms, competencies, roles, and system notifications

User Support

  • Provision of necessary assistance and support for all Human Resource (HR) managers
  • Implementation of new functionality
  • Training and communication to users of new functionality
  • Provision of reporting assistance to HR and management users
  • Provision of coaching assistance to managers and employees

SAP SuccessFactors Common Terms

TermsDefinitions
InstanceAn instance is the front end, or customer-facing view, of SAP SuccessFactors systems.
ProvisioningProvisioning is the key configuration tool that SAP SuccessFactors uses to control many aspects of a customer instance. In essence, Provisioning is the back end of the system. Customers do not have access to Provisioning.
Admin CenterAdmin Center is the central access point to a wide range of administrative features and tools that can be used to configure and maintain the SuccessFactors application. Admin Center can be used to monitor overall system health, manage cross-suite and third-party integrations. Unlike Provisioning, customers do have access to Admin Center.
Role Based Permission (RBP)Role Based Permissions (RBP) are used to manage users’ permissions in SAP SuccessFactors. The two main components of RBP are permission roles and permission groups. Roles contain the various permissions necessary to perform tasks in an instance. Groups, which can be static or dynamic, contain the actual users who are granted access to roles via group membership.
ProxyThe proxy function allows one employee to act on behalf of another.
Home PageThe Home Page is the default starting page of the SAP SuccessFactors HCM Suite. For employees, the Home Page is the main entry point to the SAP SuccessFactors application and is generally the first page they see after logging into the system. It shows pending tasks, highlights recent activities, and helps users access common functions or areas of an instance quickly.
Org ChartThe Org Chart provides an interactive view of the organizational hierarchy and reporting relationships, including matrix managers, for your users.
PicklistA picklist is a configurable set of options from which a user can select, typically in a dropdown menu or smart search list.
Metadata Framework (MDF)The Meta Data Framework (MDF) is a platform functionality that allows consultants and customers to extend existing SuccessFactors HCM suite capabilities. The main building blocks of these extensions are called Generic Objects (GO).
User Data File (UDF)The UDF is a comma-separated value (.csv) file and is used to add or change data for one or more employees’ records at a time. It is created manually or as an automated output from your Human Resources Information System (HRIS).

Grant Permission to Manage RBP Admin and Super Admin Access

Business Example

Your customer wants to start with Role Based Permissions (RBP) and needs access to the tools so they can manage Role Based Permission access.

ExerciseStart Exercise

Task 1: Grant Permission to Manage RBP Admin and Super Admin Access

Your company has enabled RBP for their instance of SAP SuccessFactors. Access to manage RBP must be granted to the company administrators.

You must search for the user admin and grant them access to manage RBP.

Steps

  1. Find the administrator2025 user.

    1. Log into the instance.

    2. Use the Action Search to navigate to Manage RBP Admin and Super Admin Access.

    3. On the Manage RBP Admin and Super Admin Access screen, verify that you see the user administrator2025 that you created from Provisioning. Otherwise, choose Add User.

  2. Grant RBP to administrator2025.

    1. Verify that the checkbox Allow Access to This Page is enabled for administrator2025.

    2. Enable Edit Group and Edit Role for administrator2025.

Result

You have successfully searched for your admin user and granted them access to manage Role Based Permissions.

Lesson Summary

  • Understand roles, responsibilities, and access levels of Super Admin, Security Admin, and regular administrators in SAP SuccessFactors.
  • Learn how to manage Role-Based Permissions (RBP) through Admin Center, including creating and editing groups and roles.
  • Define and apply common SAP SuccessFactors terms like Provisioning, Admin Center, RBP, Proxy, and User Data File (UDF).
  • Explore security precautions and notification settings for permission role changes influencing user access.
  • Gain knowledge of system administrator tasks, including managing user data, permissions, notifications, and support functions.

Learning

SAP FacebookSAP YoutubeSAP LinkedIn