If you work with several colleagues from a company in an SAP Business One system it is advisable to set different authorization levels or user roles. The larger an organization is, often different levels are required.

First, there is the role of super user. This role is reserved for the functional administrator of your company’s SAP Business One ERP system. Often, he is also the project leader during the implementation process. The functional administrator or super user can add users and can change their authorizations.

Rights by department.

In larger companies, there are usually different departments that may or may not have access to each other’s data. For example, that the commercial department does not need to be able to view the data of the purchasing department and vice versa.

Supervisor approval.

In addition to user roles by department, there is often also a difference in the level of authorization between an organization’s employees and its managers.

Executives, especially financial managers, often have to approve a particular purchase invoice. Therefore, they have rights on the system that other normal users do not have.

However, it may also be that employees need to be able to control the work of others according to the policies established in the organization. However, it’s not about setting up different user roles, it’s about setting up the right workflow.

view or edit

Super users sometimes have doubts about the far-reaching rights of colleagues. After all, if employees have a lot of rights in the system, they can also “destroy”. In practice, however, this is not so bad. Therefore, there is a difference between being able to see certain data and the possibility of adjusting it. When creating user roles, the difference is correctly marked between viewing and editing.

For many employees, being able to view certain data is enough to be able to carry out their work correctly. Only a limited number of them need to be able to edit this data.

Share SAP Business One licenses

In the experience that Algoryt has in implementing SAP BUSINESS ONE, THERE IS A SERIES OF QUESTIONS, the most common is.

Can I share licenses between colleagues?

In practice, this is a significant risk to your SAP Business One ERP system. When something is incorrectly removed or changed, it’s hard to figure out where the mistake was made. This also makes it difficult to restore the original data.

Therefore, we always recommend keeping the system as clean as possible and sometimes temporarily giving users more rights and then removing them. This is a more secure practice than signing in with a different name.

 

Closed doors

Nobody likes constantly bumping into closed doors. That is why our SAP Business One ERP system has set up the access rights in such a way that entire modules are visible to some and completely invisible to others.

A user with fewer or other rights often has a different panel and menus. Only if you appear unexpectedly via a link on a screen you don’t have rights to, you’ll see a message that you don’t have rights to this screen or page.

 

Custom user roles

Although our consultants can advise you on a number of standard authorization levels, there are also organizations where customization must be provided for certain user roles.

Fortunately, this is not difficult in SAP Business One. The super user can fine tune the access rights per user.