- SAP Community
- Products and Technology
- Additional Q&A
- Automatic Creation of Roles and Role Mappings in G...
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Automatic Creation of Roles and Role Mappings in GRC
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 07-26-2010 2:19 PM
Hi,
we are planning to use SAP Identity Management and SAP GRC Access Management.
In SAP IDM we have defined several business roles that contain privilieges in SAP systems. When a user is requesting a role, the request will first be sent to SAP GRC for approval and risk checking.
In order to get this to work, we need to load the business roles of SAP IDM into SAP GRC and we also need to configure the role mapping between the business roles and the technical SAP privileges.
From what I understood, this could be implemented by loading the required information via Excel filles into SAP IDM.However, this is a quite cumbersome and error-rpone approach an we would like to automate this.
Is there a way to use e.g. web service calls to create/delete roles and role mappings in SAP GRC?
BTW: is a documentation of all available GRC web service calls and their parameters available?
Thanks for your help in advance!
Best regards
Tom
Accepted Solutions (0)
Answers (3)
Answers (3)
koehntopp
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Tom,
as stated before, the web service description is in the config guide.
Unfortunately there is no web service to create roles or even mappings in CUP - this is one of many I would also like to se created
I don't think in your context you will be able to directly send Business Roles to CUP. The role mapping only happens after you send the request, so I'm not sure if that's in time for risk analysis - you will need to try that.
Are you a customer or a consultant - anyway, feel free to contact me if you need further help integrating CUP and IdM. This is an evolving interface with many possible scenarios, so it's not easy to give you good advise without seeing the full picture.
Frank.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Tom,
Check out the below HOWTO guide on GRC and IDM integration:
Regards
-Ranjiv
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Tom,
There is a document available for all the available GRC web services. As far as I know, there is no web service which will allow you to manipulate the role creation/updation/deletion in to GRC CUP.
Regards,
Alpesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Automatic E-Mail Alert when Exception in EWM MFS is fired in Supply Chain Management Blogs by Members
- Data Proposal for Sales Order Requests - Determination with Reference to Order Creation History in Technology Blogs by SAP
- SAP PaPM Cloud Universal Model: Deploy your environment via Manage Containers in Financial Management Blogs by SAP
- Top Picks: Innovations Highlights from SAP Business Technology Platform (Q1/2024) in Technology Blogs by SAP
- Unlocking Full-Stack Potential using SAP build code - Part 1 in Technology Blogs by Members
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.