Roles
For information on roles in SAP SRM 7.0, refer to the following:
http://help.sap.com/saphelp_srm70/helpdata/en/74/344c430fab4d0bbc30996d56cc293a/frameset.htm --> Business Packages --> Business Packages for SAP SRM 7.0
Here you will find the relevant roles in Sap sRM 7.0, based on different requirements like Harmonized Procurement for SAP ERP & SAP SRM, SAP SRM Procurement for Public Sector or SAP SRM on One Client in SAP ERP
SAP Note 1261825. Here, you will find a comparison of PFCG and portal roles in SAP SRM 6.0 and SAP SRM 7.0
The new User Interface and Portal environment --- makes it easier for employees to personalize the User Interface content; for example, by using WebDynpro’s inbuilt personalization functions and Personalized Object Work List (POWL). For your IT department, it is easier to control the usage
of applications based on roles in the SAP Enterprise Portal.
Portal Business Content --- Completely new Portal Business Content has been introduced in SAP SRM 7.0, offering full role-based access for employees. The new Business Content integrates SAP ERP user interfaces and
SAP SRM user interfaces in a seamless fashion.
Single Sign-On
In general, the authentication for single sign-on (SSO) is set with a Logon Ticket that is generated at the
first logon to a specific Enterprise Portal, and which must be uploaded into each target system that needs
to communicate with the portal.
You do this in transaction STRUSTSSO2:
- Add to Ticket List (known within the complete system)
- Add to ACL (valid for the client)
In transaction RZ10, you must ensure that the following two parameters are set correctly:
- Login/accept_sso_ticket: 1
- Login/create_sso_ticket: 2
A general recommendation, in order to avoid problems with single sign-on, is to always use fully qualified
domain names. An example:
- https://portal/irj/portal
- https://portal.wdf.sap.corp/irj/portal
Even though URL 1 can be resolved correctly on the IP level, it can cause problems with SSO, as the
browser does not know that the cookie stored as the logon ticket for URL 2 can also be used for URL 1.
The only reason that URL 1 can be resolved at all is that the name portal is already unique for this portal.
For further information about Single Sign-On refer to:
User Management
We recommend using single sign-on (SSO) for User Management. Therefore, the usernames in both
SAP SRM and the Portal must be the same. In order to determine which actions are necessary, the
following decision tree can be a help:
Note: SAP recommends use of ABAP only if the portal is used for SAP SRM exclusively. If the portal is not used for SAP SRM exclusively, we recommend using LDAP.

Roles for SAP SRM
The following sections describe the PFCG roles available for SAP Supplier Relationship Management 7.0 (SAP SRM 7.0).
Name | Technical Name |
SAP SRM: Invoice Verification Clerk | /SAPSRM/ACCOUNTANT |
SAP SRM: Administrator | /SAPSRM/ADMINISTRATOR |
SAP SRM: User Administrator | /SAPSRM/ADMINISTRATOR_USR |
SAP SRM: Bidder | /SAPSRM/BIDDER |
SAP SRM: Employee | /SAPSRM/EMPLOYEE |
SAP SRM: Manager | /SAPSRM/MANAGER |
SAP SRM: Operational Purchaser | /SAPSRM/OP_PURCHASER |
SAP SRM: Component Planner | /SAPSRM/PLANNER |
SAP SRM: Internal Dispatcher | /SAPSRM/RECIPIENT |
SAP SRM: Purchasing Assistant | /SAPSRM/SECRETARY |
SAP SRM: Strategic Purchaser | /SAPSRM/ST_PURCHASER |
SAP SRM: Supplier | /SAPSRM/SUPPLIER |
SAP SRM: Survey Owner | /SAPSRM/SURVEY_OWNER |
SAP SRM: Survey Reviewer | /SAPSRM/SURVEY_REVIEWER |
Authorization for accessing SRM Enterprise Services | /SAPSRM/ENTERPRISE_SERVICES |