Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Analytics Cloud Tenants API for setting right permissions

SaikrishnaBollineni
Product and Topic Expert
Product and Topic Expert
‎07-12-2022 5:00 AM
Hello All,

Assigning the right accesses, privileges or permissions to the right people ensuring that only the authorised individuals could access certain data on the SaaS (Cloud) based applications is the paramount for any business application.

In this blog, we tried to summarise the steps on how to revoke the rights using an API for the SAP Analytics Cloud users from unintended actions.

 

Problem Statement: 

SAP Analytics Cloud has provision that allows ALL users to create content in the "Sample Folder" in the File structure which sometimes is challenging for the administrators to manage that content further.

Requirement: 

This would require then to have an ability for the Administrator(BI admin) to remove the rights from users from accessing and creating any content in the sample folder.

 

Solution: 



The SAP Analytics Cloud Tenant API is a REST API that allows the third party applications access to story and user data stored on an SAP Analytics Cloud tenant.

Using the /Permissions endpoint, you can retrieve content’s permission information and modify it.

Process: 

  • Step 1: Under System > Administration > App Integration, create a new OAuth client with API Access. Follow this guide for steps on how to create an OAuth client in SAC.



 

  • Step 2: The following GET request returns information on who has access to Samples folder: https://<TENANT ID>/api/v1/permissions/SAMPLES



 

  • Step 3: The following DELETE request revokes the default (ALL) grantee’s access to Samples folder: https://<TENANT ID>/api/v1/permissions/SAMPLES/ALL





For more details on the SAP Analytics Cloud APIs, please check out the API Hub : https://api.sap.com/package/SAPAnalyticsCloud/rest

Detailed documentation on SAP Analytics Cloud APIs : https://help.sap.com/docs/SAP_ANALYTICS_CLOUD?q=APIs

Labels:
6 Comments
Manivannan
Advisor
Advisor
‎07-12-2022 5:47 AM
Hi Venkat

A customer having both SuccessFactors and SAC License would ideally want data security to be applied same in both the tenants. Can we use the APIs to restrict data for Users on SuccessFactors Data in SAC?

Regards

Manivannan P
abe_enoch
Explorer
‎07-23-2022 5:38 AM
0 Kudos
Hi Venkat,

Thanks for the info on SAC tenant API's.

Link to guide in Step -1 is not accessible and throws the message "We're sorry, but this content is not accessible." though I have tried accessing with S-User and Learning hub license. What level of access is required to access this link ?

Thanks!
jens-uwe_kiefer
Explorer
‎09-28-2022 4:49 PM
0 Kudos
Hi Venkat,

we would prefer to not delete but to adjust the authorizations for "ALL" as we still want to grant READ access to our users.

How can this be achieved? The API documentation states that POST and PATCH should not be used as they are only designed to be used for SuccessFactors.

What would you recommend?

Thanks!

Jens-Uwe
mfoeken
Active Contributor
‎11-22-2022 10:56 AM
Hi sai.bollineni,

I'm also very interested to learn how to make sure specific teams would be able to access the Samples folder and revoke rights for All Users.

Thanks for sharing your thoughts!

Kind regards,

Martijn van Foeken | Interdobs
jens-uwe_kiefer
Explorer
‎01-10-2023 3:47 PM
0 Kudos
Hi sai.bollineni / 537671 ,

could you please update on when a more detailled explanation can be provided?

Thanks!

Jens-Uwe
sanjayrajarao
Explorer
‎02-15-2023 8:45 PM
0 Kudos
How do we get the xsCompliantGranteeId for a Team.

 
Labels in this area
Popular Blog Posts