Structural Authorizations as the name suggests are used to restrict access to a certain organizational structure. As such they are only used while accessing HR data. In general, structural authorizations serve two purposes
- Restrict access to certain OM objects like Org Units, Jobs, Tasks, Qualification Catalogs etc.
- In interaction with the access to authorization objects for PA master data, they can restrict access to certain set of persons in the enterprise.
While using structural authorizations, its important to note that
- A person’s total authorization is a result of the interaction between his general authorizations (through roles) and his structural authorizations (through PD profiles).
- Secondly, structural authorizations are always used to restrict access. You can never use structural authorizations to grant access. It can only be used to restrict access to a smaller set of objects or people than is already given though a general authorizations.
- While using structural authorizations to restrict access, we need to ensure to add access to the corresponding objects are also added to the user’s roles through PLOG.
Since we have already extensively discussed, security roles and their assignment we will use the next few articles to describe PD profiles and their assignment.