• State Not Answered
  • Replies 3 replies
  • Subscribers 99 subscribers
  • Views 248 views
  • Users 0 members are here
Options
Related

OIM : SAP GRC Access Control - Provisioning SAP Application

epascal

Hi everyone,

Has anyone here implemented a connector in One Identity Manager to provision SAP applications through the SAP GRC Access Control module using web service calls?

In particular, I am looking at using the SAP GRC Access Control web services (for example, to submit access requests and track their status) as the target for application provisioning, instead of provisioning directly to SAP systems. I would like to know:

  • If anyone has already implemented this kind of integration (OIM → SAP GRC AC → SAP systems) and is willing to share some high-level design ideas or lessons learned.

  • If there are any best practices or recommended patterns for handling the web service calls (error handling, retries, request/response mapping, etc.).

  • If you know of any official or community documentation, implementation guides, sample configurations, or presentations describing this integration scenario.

Any pointers to documentation, examples, or your own experience would be greatly appreciated.

Thanks in advance!

  • 0

    The client I was on (finished up just before XMas) has GRC connection using ABAP (scripted with WebServices & Config Params)... They had a custom table to record the GRC requests and poll for updates to progress PWO workflows.

  • 0 in reply to Ben

    Hi Ben,

    thank you for your reply.

    have you found any technical documentation that could help me on this topic ?

  • 0 in reply to epascal

    Sorry, someone else originally wrote the code well before I was on the client and I have since left that client. It was a bit of a set-and-forget configuration as all the related data is driven by SAP systems (CRM/ISU/S4/etc) and the code was dynamic enough to not require any modifications. Only thing I had to fix was a SAP GRC rights issue due to an ACL review they did, but that was simply tracing the ABAP response.

    Here's Google's Gemini response (so take with "a hanful of salt") when searching "sap grc abap api documentation":

    SAP GRC (Governance, Risk, and Compliance) API documentation for both cloud and on-premise ABAP systems is primarily found on the SAP Business Accelerator Hub and the SAP Help Portal. For specific ABAP code-level details within an on-premise system, developers often refer to the system's internal definitions of BAPIs/Web Services and the broader SAP Community resources.