
How to Restrict Communication User to Read-Only Access in SAP_COM_0009 Without Using SAP BTP APIM

peter_munt4
Participant

I have a requirement for a 3rd Party company to access our data.

For example, I am using the SAP_COM_0009 communication arrangement in SAP S/4HANA Public Cloud to allow reading and creation of products. The arrangement is configured with a communication system and communication user.

I want to restrict the communication user to only read access (i.e., allow only GET operations and block POST, PUT, and DELETE). However, I cannot find a straightforward way to configure this restriction.

Here’s what I’ve tried so far:

  1. Checked the Maintain Communication Users app but found no option to link or adjust business roles for communication users.
  2. Explored the Maintain Business Roles app to find roles or catalogs associated with the communication user but couldn't identify any direct link.
  3. Attempted to modify the scope of the communication arrangement itself, but there seems to be no configurable option to enforce read-only permissions.

Critical Note:
While I understand that SAP BTP API Management (APIM) could provide a way to restrict operations at the API level, I do not want to involve SAP BTP APIM due to:

  1. Additional overhead in configuration and maintenance.
  2. The preference to keep the setup fully within SAP S/4HANA Cloud for simplicity and to avoid reliance on BTP.

Could someone clarify:

  • How to configure a communication user for read-only access in SAP_COM_0009 within the boundaries of S/4HANA Cloud?
  • Is it possible to adjust the scope of operations (e.g., GET only) for this communication arrangement?

Any guidance or alternative approaches would be greatly appreciated. Thank you!

Jerry_Lowery
Product and Topic Expert

Hi peter_munt4,

I am not sure if this is possible; I will check some options.

I know this is not what you asked, but one option could be to expose the data as a custom CDS View and then expose the CDS View as an API.

You would be able to control the fields that are available, and CDS View APIs are read-only.

Thank you

Jerry