- SAP Community
- Products and Technology
- Additional Q&A
- SAP GRC Compliant User Provisioning (CUP) Password...
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
SAP GRC Compliant User Provisioning (CUP) Password Self Service
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 01-05-2010 7:09 AM
Hello everyone,
I am setting up Password Self Service within CUP. For those users that do not already have access to the UME frontend, I know that I need to create a user ID in the UME frontend for each user so that they can access the Password Self Service option. Since I only want the user to access the Password Self Service option, what UME role do I assign to them to ensure that they cannot access anything else within CUP?
Thank you!
Johonna
Accepted Solutions (1)
Accepted Solutions (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hello everyone,
From looking at other postings on this topic, it appears that you cannot restrict a user to only the Password Self Service option and that you must give them access to the whole request splash page. This is fine for my client. However, I only see 3 AE UME roles: Approver, Security, and Admin. What role do I use to make sure that they can only access the request splash page?
Thank you,
Johonna
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Johonna,
No authorization is needed for end users to use Password Self Service, you will just need to ensure that they have IDs on system used for authentication (ex. SAP UME in your case).
Initial screen where all request types are listed is accessible to everyone even without any ID or authorization. Only when they select specific request system asks for authentication.
Regards,
Amol
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Johonna,
The 3 defined roles are only those suggested by SAP.
You can create your own roles by assigning the various actions as needed to provide access or restrict as your organisation requires.
However, depending on your patch level, you may find that certain actions are dependant on others to work properly.
Also, you either grant access to the functionality or not. There is no partial or display only setting in the java stack.
Enjoy!
Simon
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Answers (0)
- ABAP Cloud Developer Trial 2022 Available Now in Technology Blogs by SAP
- Overview: SAP Ariba SSO with SAP Cloud Identity Services - Identity Authentication in Technology Blogs by SAP
- Integrating IBM Security Verify with SAP Cloud Identity Services in SAP BTP in Technology Blogs by Members
- SAP HANA Cloud provisioning in Kyma Runtime Environment in Technology Blogs by SAP
- [SAP BTP Onboarding Series] Joule with SFSF – Common Setup Issues in Technology Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.