Managing access to financial data requires careful attention to user roles and permissions. In SAP's universal journal, different accountants need different views of the same data—and that's where authorizations come into play.
What Is the Universal Journal?
The universal journal serves as the foundation for integrated accounting. It combines financial and management accounting data into a single chart of accounts, eliminating the need for reconciliation between these areas. This unified approach brings together:
– General Ledger Accounting
– Asset Accounting
– Controlling
– Profitability Analysis (integrated with margin analysis)
– Material Ledger
All data is stored in table ACDOCA, creating one source of truth for your financial information.
Why Authorizations Matter
Even though everyone accesses the same underlying data, business requirements differ by role. A general ledger accountant might need visibility into all company code data for financial statements, while a cost accountant should only see specific cost centers relevant to their area.
Setting Up Access: Business Roles and Business Catalogs
You grant access by assigning business roles to users using the Maintain Business Roles app. These roles combine pre-defined business catalogs with restriction types that control read and write access at the field level.
Learn how to set up access: Maintain Business Roles
Key Business Roles and Catalogs
Here are some common examples:
– General Ledger Accountant: SAP_FIN_BC_GL* (Template: SAP_BR_GL_ACCOUNTANT)
– Asset Accountant: SAP_FIN_BC_AA* (Template: SAP_BR_AA_ACCOUNTANT)
– Cost Accountant – Overhead: SAP_FIN_BC_OH* (Template: SAP_BR_OVERHEAD_ACCOUNTANT)
– Cost Accountant – Sales: SAP_FIN_BC_SA* (Template: SAP_BR_SALES_ACCOUNTANT)
– Cost Accountant – Inventory: SAP_FIN_BC_IA* (Template: SAP_BR_INVENTORY_ACCOUNTANT)
– Cost Accountant – Production: SAP_FIN_BC_IA* (Template: SAP_BR_PRODN_ACCOUNTANT)
The beauty of this system is its flexibility. You can use the provided templates as starting points or create custom business roles tailored to your organization's specific needs.
Setting Up Access: Restriction Types
Figure: Restriction Types in the System
To further define access to customer data, authorization values are assigned to restriction fields, which are grouped into restriction types. General organizational restriction types are found in the General section of the Maintain Business Roles app and each contains a single restriction field. The combined settings across all restriction types determine the overall authorization granted to the business role and its assigned users.
Configure restriction types consistently across all relevant business catalogs to ensure users can work effectively within their applications.
Learn how to use restriction types: How to Define Authorizations Based on Restrictions
For a detailed list of the restriction types for analytics for the universal journal, see Authorizations for Analytics for Universal Journal .
Further Reading:



