Analysis Authorizations are used to secure individual InfoObjects during
execution of queries. If we get a requirement of the form user should be only able to see for sales for the US companies but not for the European ones, Analysis Authorizations are the way forward. In this post we will try to take a closer look at how these authorizations work and how to maintain them. SAP provides the transaction RSECADMIN for working on different aspects of analysis authorizations. The different tabs of the transaction allow authorization maintenance, user assignment, transport and tracing potential errors. Analysis Authorizations are also be directly maintained through the transaction RSECAUTH. In addition to the tcodes, A person needs access to the authorization object S_RSEC to work with analysis authorizations.
0TCAACTVT (Activity in Analysis Authorizations) Default value
03(display) is sufficient for reporting. However, 02 (change) is needed for using planning functionality of BI as planning essentially allows updation of data into InfoProviders
0TCAIPROV (Authorizations for InfoProvider) We maintain the
InfoProviders for which the authorization is meant to give access. Default is *
0TCAVALID (Validity of an Authorization) Default value is * but
can be used to restrict analysis authorization by validity dates.