Authorizations

Authorizations are set for vendors and groups. By default, the users assigned to the vendors and groups inherit the corresponding authorizations; Buyer admin users inherit from the group, and supplier users from the vendor.

It is not possible to set authorizations for users in addition to the ones they inherit from their group or vendor. However, users may also have fewer authorizations/restrictions. For details about how to set authorizations, see Set vendor-specific authorizations and Set supplier user authorizations.

Authorizations can be set by administrative users on the following levels: document type level and activity level.

Document type level

Authorizations on document type level are set for groups and buyer admin users. This authorization level defines the Worklist nodes that are available for the users, and it allows to restrict the users of a group to specific document type-related actions; for example, view the documents of only a certain company code.

The following document types can be authorized.

Invoices
Purchase orders
Vendor master data
Vendor master change requests

Activity level

Authorizations on activity level are set for vendors and supplier users. The activities for which authorizations can be set pertain to user actions on the document types the users are allowed to access. For example: creating invoices, submitting invoices to the ERP system, attaching images to invoices.

The following activities can be authorized for each document type.

Activity	Description
Admin	Administer vendor master data; for example, activation and deactivation of a vendor
Attach	Upload attachments to documents
Audit trail	View the audit trail for documents
Change	Change documents
Create	Create documents
Delete	Delete documents
Dynamic discounting	Apply dynamically discounted payment terms
Submit	Submit a draft invoice to the SAP system
Workflow	Trigger a workflow