The Identity Blog

IAM Features By 1Trooper’s SAP


The role of Identity Access Management (IAM) is to ensure that all the business users in an organization are having defined and managed roles. The companies can monitor and also tailor business roles according to their needs and requirements with the help of IAM. The S/4HANA Cloud Identity and Access Management Toolkit enable businesses to view information on Business Users, Business Roles, Business Catalogs, Restriction Types, Authorization Traces, and much more.

Key characteristics

  • Equipped for emerging security trends
  • Compatibility and integration
  • Mobile-ready access control
  • Various identity verification options
  • Comprehensive analytics
  • Fast incident alerts and responses

Cloud Identity Access Governance

It is a product that integrates to S/4HANA Cloud. Cloud Identity Access Governance has audit functionalities and advanced identity and access management segregation of duty checks. Having an integration of Cloud Identity Access Governance to S/4HANA Cloud provides a complete solution for managing and auditing identity and access management. Cloud Identify Governance not only provides a more complete functionality on the segregation of duty checks and audits but can also be used across several cloud solutions, providing the end-user with a simpler experience.

Key benefits

  • Simplified governance of data access with minimized risk and secure access
  • A seamless user experience that has strengthened security
  • Adoption of identity and access governance with maintenance-free updates.

Key capabilities

  • Access compliance management
  • Intelligent optimization of assignments
  • Extended control and risk management

Display Authorization Trace

With this application, business users can enable an authorization trace. It also helps in analyzing the missing and insufficient authorizations. 

Key features

  • It activates/deactivates a trace. 
  • It checks results including previously assigned authorizations and failed checks


While accessing the Display Authorization Trace application, the user has to double-check whether the trace is activated. The trace information can be searched. The information regarding the last changes is also there. 

There are many search options. For example, 

Access category:

  • Read
  • Write
  • Value Help

Authorization Check Status:

  • Successful
  • Failed
  • Filtered

Successful status means that the check was successful. Failed status shows that the check failed. A filtered status indicates that some data is filtered out. The user shall check on what business role has affected the restriction type. For example, a required business role might not be assigned to a user, resulting in a filtered status.

Write a comment