The authorization concept in SAP involves the provision of users access using a role-based identity management.
When the user logs into the system, the SAP applicaton authenticates that user by checking the authorization object assigned to that user.
In order to execute a transaction in SAP the user needs to have a series of authorization objects requested for that transaction and pass all the chekc done by the system.
All the authorization object are assigned by a combination of roles or composite roles defined for the specific organizational position the user is hold inside the company.
The roles can be assigned directly or indirectly with teh composite roles, which are group of roles.
Authorization concept
