Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
mareike_korn
Advisor
Advisor
571

Introduction


You are using SAP E-Mobility and want to understand how to work with the additional services of Personal Data Manager and the Audit Log Viewer Service. The SAP documentation is not sufficient.

SAP E-Mobility logs the following events related to personal data changes:


  • The creation, modification, and deletion of badges




  • The creation of data records for charging events




 

Personal Data Manager (PDM)


The Personal Data Manager is used to manage data protection relevant requirements.

The processing and use of personal data is governed by legislation.  If the legitimate purpose of data  retention/use of personal data has expired, the data must be deleted. When deleting data in a data set, all referenced objects related to that data set must be deleted as well. After the expiration of the longest retention period, the data must be deleted.

SAP E-Mobility used the Personal Data Manager service provided by SAP Business Technology Platform (SAP BTP) to delete user-specific data.

E-Mobility is designed for typical retention periods of 10 years.

 

How to get access to PDM?



  • With the SAP E-Mobility subscription, the Personal Data Manager (PDM) and the Audit Log Viewer subscriptions are activated in the same SAP BTP subaccount (see screenshot below), as they are dependent services.  If you plan on having multiple SAP E-Mobility subaccounts, the dependent services will have to be activated as well.

  • You have SAP BTP subaccount authorization to create role collections




Activated Subscriptions on the subaccount: SAP E-Mobility, Personal Data Manager (PDM) and Audit Log Viewer

 

1. Create a new 'role collection' in BTP


While SAP E-Mobility roles tend to be more granular, I will be creating one collective role for PDM and for the Audit Log Viewer together.

In the next step logon to the SAP BTP backend and navigate the to SAP E-Mobility subaccount.

Select on the left hand the menu 'Role Collection' under the path 'Security' and create a new Role collection with the '+' in the upper right.

My sample role is called 'Audit and Data'.

 


 

2. Include the single roles in the new Role Collection 'Audit and Data'


For PDM you will need the following single roles with corresponding application identifier.









































































(Single) Role Name  Application Identifier
1 DPPSpecialist retention-manager-service!b1824
2 PersonalDataManagerUser emsp-broker-emobility-prod-emsp!b101332
irp-uaa-production!b54015
3 Administrator retention-manager-service!b1824
4 PDM_OperatorsClerk personal-data-manager!b6007
PDM_OperatorsClerk personal-data-manager!t6007
5 PDM_CustomerServiceRepresentative personal-data-manager!b6007
PDM_CustomerServiceRepresentative personal-data-manager!t6007
6 PDM_Administrator personal-data-manager!b6007
PDM_Administrator personal-data-manager!t6007

 

For the Audit Log Viewer here are the single roles:

































(Single) Role Name  Application Identifier
1 Auditlog_Auditor auditlog-management!b6316
2 Auditlog_Auditor auditlog-viewer!t6316
 

Save and exit the role collection menu.

 

 

3. Assign the new Role Collection to the desired UserID


For my UserId I'm picking industry_demo and use 'Assign Role Collection' to authorize my new role role collection 'Audit and Data.

 


 

 

4. Logon to the applications


PDM and the audit log viewer have different logon screens. In my sample I don't have yet the Central Fiori Launchpad  service setup and therefore have to access both applications via different URL's.

 

PDM:

https://****.personal-data-manager-portal.cfapps.eu10.hana.ondemand.com/cp.portal/site#Shell-home


Audit Log viewer: 

https://****.auditlog-viewer.cfapps.eu10.hana.ondemand.com/index.html


 

**** is the name of your SAP BTP subdomain of the SAP E-Mobility (subaccount).

 

5. Data Retrieval PDM


Select the tile 'Manage Personal Data'.


Enter the first name, last name and e-mail address. Make sure, you enter all 3 data fields in order to receive the complete personal records from SAP E-Mobility. The email address is the email address that is maintained in the SAP E-Mobility Badge.


 


 

Select the records that need to be deleted and in the next screen you will find the delete button

 


 

Select 'Display Details'


 

6. Data retrieval in the Audit Log


Logon to the Audit Log Viewer as described in #4 and click refresh after you verified the from-to selection. Occasional you will be getting a message to refresh your browser session, just use your browser refresh button.


You can select the user via the filter. In the message log you can find the relevant security events.

 

Summary


Now you are enabled and can set up the PDM service and the Audit log viewer in addition to the SAP E-Mobility setup.

 

References