Describing Permissions and Security Model in the SAP SuccessFactors Suite

Objective

After completing this lesson, you will be able to describe the permissions and Security Model used in SAP SuccessFactors Suite

Role-Based Permissions (RBP)

Role-Based Permissions (RBP) is a security model that allows you to restrict and grant access to your SAP SuccessFactors HCM Suite. RBP controls access to the applications that employees can see and edit. This is a suite-wide authorization model that applies to the majority of the SAP SuccessFactors products.

Watch the video to learn about Role-Based Permissions.

Role-Based Permissions contain two main elements: Permission Groups and Permission Roles.

A permission group is a subset of employees who share common attributes, such as job code or city. These groups can be created as either static or dynamic. Dynamic groups automatically update their membership based on changes in employee information, while static groups maintain a consistent membership that only changes when updated manually.

Navigate to Manage Permission Group using Action Search to create or edit a permission group.

A permission role is a set of permissions assigned to a permission group.

Use the Action Search to navigate to Manage Permission Role

Certain permissions require assigning them to a group and identifying the specific population the group can access. For instance, when designating a group of IT personnel to reset user passwords, it's essential to specify whose passwords they are authorized to reset. You can determine the target population, whether they can reset all employee passwords or only those employees located in the same city as the IT.

Note

To learn more about Role-Based Permissions and other data security you can visit the SAP SuccessFactors Platform Security section in the SAP Help Portal.

Additional Permissions aside from Role-Based Permissions

Some SAP SuccessFactors solutions, especially those that use form-based templates, use additional permissions to control specific access to fields and sections of an application. An example of this is SAP SuccessFactors Goal Management. Although Role-Based Permissions (RBP) can control who can access a specific goal plan, the sections and fields of the goal plan are further controlled at the XML template level.

SAP SuccessFactors Learning is another example. The role-based permission includes access to the application, but all the learning entities (courses, items, classes, and so on) are controlled by security domains of the Learning Management System.

Log in to track your progress & complete quizzes