Users, Roles & Authorizations

A user sees an app's tile in the launchpad, but the app fails to start. Which authorization layer is missing?

For a user to read KPI data in an analytical app, where must the app-specific roles be granted?

What is the first step when setting up front-end roles from SAP's delivered templates?

What must happen to an app's OData service before you can assign its start authorizations?

In which systems must a Fiori user exist when all three classic app types are used, and what helps keep the users in sync?

How does an app become visible to a user in the SAP Fiori launchpad?

Can the delivered standard business role be assigned to users directly — and what do real projects do instead?

The delivered app roles are assigned, yet users still can't work with the business data in a transactional app. Why?

Which transactions manage users and roles for Fiori on AS ABAP?

What is the difference between authentication and authorization in a Fiori landscape?

Why are OData service authorizations entered as 'TADIR services' in PFCG?

Which extra authorization object do fact sheet apps need for search access, and what fields does it carry?

How do you add an OData start authorization to a copied role in PFCG?

Why does a Fiori user need both a front-end and a back-end PFCG role?

How do you implement the back-end role for a Fiori app, and what is the end state for the user?

What does a delivered business catalog role like SAP_SD_BCR_FIELDSALESREP_X1 give a user, and how do you decode the naming?