The SAP R/3 package comes with standard set of transactions across various modules such as MM, SD, FICO, PS, PP, QM, etc. However, organizations many a times feel the need to customize SAP to suit their
requirements. SAP offers the flexibility to organizations to go in for custom transactions frequently referred to as "Y" transactions or "Z" transactions. These transactions can be developed through ABAP programming.

Personally, I have no objections to go in for cusotmizations. But, such custom SAP transactions need to be secured adequately. Now, how do you do that. Custom transactions in SAP can be secured in two ways. One is by using a default S_TCODE check and secondly by assigning an authorization object to the transaction.

1. Securing Custom Transaction through Authorization Object S_TCODE: When a user tries to launch a transaction, the authorization object S_TCODE checks whether the user is authorized for the transaction or not. To make the authorization object S_TCODE work, the transaction must appear in the object S_TCODE in the user's profile.

2. Securing by assigning an authorization object to a transaction: Custom SAP transactions can be secured by assigning an authorization object to the transaction. This can be done through Transaction Code SE93.

Related Posts on SAP >>

Correction & Transport System in SAP , Authorization Concept in SAP , SAP Number Ranges