What is Authorization group in SAP?
Authorization groups are described as authorization fields as they secure tables and programs. The SAP system ensures that only authorized users has to access the system to a particular data. It is very important for every organization to protect confidential data against unauthorized access so it is important to concentrate on the usage of the authorization group. For example, Tables are secured with table authorization groups by defining authorizing groups in table TBRG.
By using the t-code “SE11” table authorization groups are defined for the assignment of individual tables.
Let’s check different types of tables of authorization objects, such as the TOBJ table, TACT table, and TBRG table.
TOBJ Table
Enter transaction code SE16 in the command field and enter, enter the table name in the field, and press enter.
Click on execute (F8).
Here you can see that table contains all the objects, fields, and fixed columns, and each field has activity as well as fields.
Tact table: –
Go back and enter tact in the table name. It stores the information of all activity and it performs on objects that you can create, modify and delete.
In the below table image we can check different activities like create, display, print, lock, and so on.
TBRG Table
TNRG contains all the authorization groups that provide information about the relation between object and authorization groups. In table we can different fields with MANDT, BROBJ, BRGRU and BEZEI.
Maintain authorization group in TPGP and allocate authorization group to programs that we want to secure in TPGPT. Authorization groups can be assigned to one or more programs, but programs are assigned to only on authorization group. We can assign a program authorization group in the program by using transaction code “SE38 and SA38” in SAP.
So the user requires authorization to authorize the authorized program with fields that contain authorization groups. In this way, we can restrict unauthorized user to access the data and securing confidential data.