Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
Showing results for 
Search instead for 
Did you mean: 
Active Participant


This tool supports exploration and management of authorization groups.


  • List Authorization Groups (Quick Jump to SE54 identical feature)

  • List Authorization Groups used in Table/View maintenance dialogs (Custom Feature)

  • List Authorizations Profiles / PFCG Roles where a given Authorization Group is embedded (Custom Feature)

  • Maintain Authorization Groups (Quick Jump to SE54 identical feature)

  • Assign Authorization Group to Table/View Maintenance Dialog (Quick Jump to SE54 identical feature)

The Problem

A recurring task is to create SM30 maintenance views in onPremise SAP systems on top of customizing tables to enable configuration of processes. When You generate a maintenance dialog, You can choose an authorization group to protect recording data to the table/view through the generated maintenance dialog.

Sometimes that Authorization Group is not predefined in the requirement, due no appropriate one exists, or no one can provide You with an appropriate Authorization Group name, but protection of recording entries in the table is essential. You can search for existing groups or create new one, then validate it by people defining the requirement. At this point You might find Yourself in a jungle to come up with a right Authorization Group. This tool is a helper to bunch the required functions together to solve this problem quickly.

Technical Background

The Authorization Group itself is a Field in the Authorization Object S_TABU_DIS. The Authority Check is done against this Group and the Activity (02-Edit/03-Display ) by the system.

This Object can be assigned in the Authorization Profile of the corresponding Role in transaction PFCG to provide Display or Edit capability for a user having the Role:


Clone repository

using ABAPGit (online / offline).

Licence: MIT

Features of the tool

The following selection screen welcomes You, when You execute the report zsapdev_authgroup.


Show Authorization Groups

Shows all the Authorization groups in the system, which are client (in)dependent.

This is a standard feature.

List Authorization Groups used in Table/View maintenance dialogs

I developed this feature to get an insight which Authorization Groups are used in our systems in maintenance dialogs. You can restrict the search. It comes handy to search for Z* Authorization groups to see which You have, and to which tables/views are they assigned at the moment.

Roles with Authorization group

In case You are trying to validate correctness of an existing Authorization Group, You can fetch the PFCG Roles within a given Authorization Group is used. Without defining a Group, all the PFCG roles are listed having Authorization Groups.

Maintain Authorization Groups

When You didn’t found any appropriate Authorization Group, here You can create a new one.

This is a standard feature.

Assign Group to Table / View Maintenance dialog

You can change Assign Authorization Groups to tables in Mass. The next selection screen helps to list maintenance dialog objects by name or currently assigned Authorization Group.

This is a standard feature.


ATC Check: Passed

Manual validation done on:

Software Component Release Support Package Support Package Level Description
S4FND 104 SAPK-10402INS4FND 0002 Foundation
SAP_ABA 75E SAPK-75E02INSAPABA 0002 Cross-Application Component
SAP_BASIS 754 SAPK-75402INSAPBASIS 0002 SAP Basis Component
SAP_GWFND 754 SAPK-75402INSAPGWFND 0002 SAP Gateway Foundation
SAP_UI 754 SAPK-75404INSAPUI 0004 User Interface Technology


Good luck with Authorization Groups 🙂

Labels in this area