Using Basic Security Functions

There are three basic ways of creating users in SAP Analytics Cloud: creating users via SCIM API's and Dynamic User Creation using custom SAML IDP, manually, and by importing from a file.

Note

Importing users from an active directory server is not supported.

All SAP Analytics Cloud users must have the corresponding license and rights assigned to them within the system to access specific tasks. All users and their personal information are preconfigured by the system owner or the administrators of your Platform-as-a-Service (Paas). You can replace the default identity provider with your own custom identity provider.

A Team is a group of users. A user can belong to multiple teams. Each team has a team folder, which can only be accessed by the users in that team.

There are pre-delivered standard application roles as follows:

• System Owner
  • Full privileges
  • Only one user can be assigned to this role
• Admin
  • Full privileges
  • Can access all functional areas and has data read access
• Modeler
  • Modeling privileges
  • Full access to all models and dimensions
• Planner/Reporter
  • Planning and reporting privileges
  • Data access granted separately
• Viewer
  • Planning read only
  • No privileges to change anything
• BI Admin
  • Full privileges
  • Can access all functional areas and has data read access
• BI Content Creator
  • Content creator
  • Can create BI content and models
• BI Content Viewer
  • BI read only
  • No privileges to change anything
• SAP BTP Content Creator
  • Access to SAP BTP as a datasource
• SAP BTP Content Viewer
• Boardroom Creator
  • Can create boardrooms
• Boardroom Viewer
  • Allowed to view boardrooms

Watch this video to learn about the roles and the permissions associated with it.