Creating Fiori Roles as you drink your Morning Coffee

Creating Fiori Roles as you Drink your Morning Coffee

Setting up S/4HANA Authorizations and keeping them UP TO DATE


  • S/4HANA presents new challenges in respect of authorizations:
    • Alongside traditional authorizations, users also have to be given access to Fiori apps, catalogs, and groups.
    • Simplification is also a focus.
    • Process simplification hinges on maximum clarity (despite growing numbers of tiles).
    • Many additional rights are required for S/4HANA.
  • We need simple solutions to complex issues: new roles have to be created across multiple levels without significant effort.
  • Manually creating individual roles for a S/4HANA project is a herculean task!
  • Nowadays, roles should be process-related due to the speed at which organizations change.

Have you documented your processes and modeled them using BPMN diagrams?

  • If so, take advantage of our solutions and save yourself significant work!
  • You need simplification – we deliver!

Automatic Generation of Roles and Authorizations

Modeling in SAP Solution Manager 7.2

  • The process diagram is stored or modeled in SAP Solution Manager with the required Fiori apps.
  • The next step is to export the complete diagram.
  • The (blank) roles are created automatically in the required system on the basis of lanes.
  • The roles are then stored directly with the processes in SAP Solution Manager.
    • This means that they are also displayed in the event of process changes, thus avoiding additional errors.


Setting Up Roles Automatically

  • The Fiori apps modeled in the process diagram are mapped using technical information
  • This mapping delivers the following information:
    • Business catalog
    • Business group
    • PFCG role
    • OData Service
  • This information is used to fill the previously created (blank) roles
  • Regular updates are possible at any time: This ensures consistency

Technical Process

  • The processes stored in SAP Solution Manager (on basis of SAP Activate in the case of a Greenfield approach or the previously documented processes in the case of a Brownfield approach) provide the basis.
  • Roles are set up based on functions in line with the actually implemented processes – with full transparency for business and IT.
  • In addition, XEPTUM automatically exports lanes and assigned steps.
  • There then follows an automatic mapping of Fiori apps for authorizations/catalogs etc.
    • Additional content exists for special cases.
    • Our solution contains a unique converter for use in SAP systems.
  • The created authorization roles are stored – as intended – as configuration elements directly with the documented process.

Fully transparent and consistent!

Your Benefits

  • S/4HANA authorizations out of the box!
  • Your processes are used as the direct starting point for your authorizations.
  • This significantly reduces the effort of creating roles over 3 levels.
  • It avoids complex and lengthy Fiori interface searching and testing.
  • The one-click solution for everything Fiori related based on your BPM diagrams
  • Plus: professional support for open questions!

Our Service

  • Provision of an easy-to-use interface for creating Fiori apps
  • One-click solution for creating roles from BPMN
  • Combination of solutions to ensure maximum benefit for minimum effort

S/4HANA authorizations out of the box!