AIF20 Master Guide

Master Guide
SAP Application Interface Framework 2.0

Using SAP AIF 701 and SAP AIFX 701
Target Audience
Consultants
Administrators
Others
Public
Document version 1.0 08/29/2012
Master Guide SAP Application Interface Framework 2.0
History of Changes
The Master Guide is regularly updated in SAP Service Marketplace at
http://service.sap.com/instguides.
Make sure you have the latest version of the Master Guide by checking SAP
Service Marketplace immediately before starting the installation.
The following table provides an overview of the most important changes that were made in
the latest versions.
Master Guide Version
Important Changes
1.00 (August 29, 2012)
First release of this Master Guide
August 2012
Contents
History of Changes ................................................................................ 2
1 Getting Started................................................................................. 5
1.1 About this Document ....................................................................... 5
1.2 Related Information ......................................................................... 7
1.2.1 Planning Information .......................................................................... 7
1.2.2 Further Useful Links ........................................................................... 7
1.2.3 Related Master Guides........................................................................ 8
1.2.4 Related Operations Information ......................................................... 8
1.3 Important SAP Notes ..................................................................... 10
2 SAP Application Interface Framework Overview .......................12

2.1 Software Units of the SAP Application Interface Framework .... 13
2.2 Software Component Matrix ......................................................... 14
2.3 System Landscape ......................................................................... 16
2.4 Overall Implementation Sequence ............................................... 19
3 Business Scenarios of the SAP Application Interface

Framework ........................................................................................20
4 Security Considerations ...............................................................21
4.1 Fundamental Security Guides ...................................................... 21
4.2 Authorization Objects .................................................................... 22
4.2.1 Authorization Object for Interface Processing /AIF/PROC ............ 22
4.2.2 Authorization Object for Customizing Steps /AIF/CUST ................ 23
4.2.3 Authorization Objects for Error Handling /AIF/ERR ....................... 24
4.2.4 Authorization Object for Technical Error Handling /AIF/TECH ..... 25
4.2.5 Authorization Object for Emergency Corrections /AIF/EMC ......... 25
4.2.4 Authorization Objects for Custom Functions /AIF/CFUNC ............ 26
4.2.4 Authorization Objects for Custom Hints /AIF/HINTS ...................... 26
4.2.4 Authorization Object for Interface Determination /AIF/IFDET ....... 27
4.2.6 Authorization Object for Value Mapping Maintenance
/AIF/VMAP ................................................................................................... 28
4.3 Template Roles ............................................................................... 29

4.3.1 Single Roles ....................................................................................... 29
4.3.2 Composite Roles ............................................................................... 41
4.4 Interface- and Key-Field-Specific Authorizations ....................... 45

4.5 Considerations about Data Protection......................................... 46
4.5.1 Single or Multi Message Index Table ............................................... 46
4.5.2 Log of Changes in the Error Handling ............................................. 46
4.5.3 Information Contained in Interface Data ......................................... 46
5 References .....................................................................................47
6 Media List .......................................................................................49
August 2012
7 Release Availability Information ..................................................50
August 2012
1 Getting Started
1.1 About this Document
1 Getting Started
Purpose
This Master Guide is the central starting point for the technical implementation of the SAP
Application Interface Framework. You can find cross-scenario implementation information as
well as scenario-specific information in this guide.
Use the Master Guide to get an overview of the SAP Application Interface Framework, its
software units, and its scenarios from a technical perspective. The Master Guide is a
planning tool that helps you to design your system landscape. It refers you to the required
detailed documentation, mainly:
Installation guides for single software units
SAP Notes
Configuration documentation
SAP Library documentation
The Master Guide consists of the following main sections:
Section 1 Getting Started explains how to use this document and related information
(documentation and SAP Notes) that is crucial to the installation and upgrade.
Section 2 SAP Application Interface Framework Overview provides essential information
about the supported scenarios, the installable software units, software component matrix,
as well as how to plan your system landscape. Section 2 provides an overall
implementation sequence with related information (documentation and SAP Notes) and
provides the information about how to install the SAP Application Interface Framework by
referring to the relevant SAP Notes.
Section 3 Business Scenarios of the SAP Application Interface Framework contains
information about the supported business scenarios/processes.
Section 4 Security Considerations provides the security information that is specific to the
SAP Application Interface Framework (authorization objects and roles). This section also
provides a collection of links to SAPs various security topics.
Section 5 References provides a list of all the required SAP Notes and the documents that
are mentioned in this Master Guide.
Section 6 Media List provides information on the data carriers and the software
components contained in them.
Section 7 Release Availability Information contains information about the available
software releases, required base software and other availabilities regarding the Focused
Business Solution for the SAP Application Interface Framework.
You can find the most current information about the technical implementation
of the SAP Application Interface Framework and the latest installation and
configuration guides on SAP Service Marketplace at
We strongly recommend that you use the documents available here. The
guides are regularly updated.
August 2012
1 Getting Started
Constraints
The business scenarios that are presented here serve as examples of how you can use SAP
software in your company. The business scenarios are only intended as models and do not
necessarily run the way they are described here in your customer-specific system landscape.
Ensure to check your requirements and systems to determine whether these scenarios can
be used productively at your site. Furthermore, we recommend that you test these scenarios
thoroughly in your test systems to ensure they are complete and free of errors before going
live.
August 2012
1 Getting Started
1.2 Related Information

1.2.1 Planning Information
For more information about planning topics not covered in this guide, see the following
content on SAP Service Marketplace:
Content
Location on SAP Service Marketplace
Latest versions of installation and upgrade

guides
*In this Master Guide, see the SAP Notes listed

in the below section 1.3 Important SAP Notes.
Overview application information as well as

the collection of function- and processoriented information about the SAP
Application Interface Framework
*Application Help for SAP Application Interface

Framework 2.0 on the SAP Help Portal at
http://help.sap.com
-> SAP Business Suite -> SAP ERP Add-On ->
SAP Application Interface Framework
Or directly at http://help.sap.com/aif
SAP Business Maps - information about

applications and business scenarios
http://service.sap.com/businessmaps
Sizing, calculation of hardware requirements

- such as CPU, disk and memory resource with the Quick Sizer tool
http://service.sap.com/quicksizer
Released platforms and technology-related

topics such as maintenance strategies and
language support
http://service.sap.com/platforms
Network security
http://service.sap.com/securityguide
High Availability
http://www.sdn.sap.com/irj/sdn/ha
Performance
http://service.sap.com/performance
Information about Support Package Stacks,

latest software versions and patch level
requirements
http://service.sap.com/sp-stacks
Information about Unicode technology
http://www.sdn.sap.com/irj/sdn/i18n
To access the Platform Availability Matrix directly,

enter http://service.sap.com/pam.
1.2.2 Further Useful Links

The following table lists further useful links on SAP Service Marketplace:
Content
Location on SAP Service Marketplace
Information about creating error messages
http://service.sap.com/message
SAP Notes search
http://service.sap.com/notes
SAP Software Distribution Center (software

download and ordering of software)
http://service.sap.com/swdc
SAP Online Knowledge Products (OKPs)

role-specific Learning Maps
http://service.sap.com/rkt
August 2012
1 Getting Started
1.2.3 Related Master Guides

In this Master Guide, the following SAP applications are frequently referred to, particularly for
explaining topics such as integration scenarios, planning of the system landscape, and so on.
You can find more information about the relevant applications in the following documents:
Title
Location
Master Guide
SAP NetWeaver 7.0
http://service.sap.com/instguidesNW70
Master Guide
SAP NetWeaver PI 7.1
http://service.sap.com/instguides
Master Guide
SAP ERP 6.0
Master Guide
SAP Customer Relationship
Management 7.0
-> Installation -> Master Guide

-> SAP NetWeaver -> SAP NetWeaver PI 7.1 ->
Installation -> Master Guide
-> SAP Business Suite Applications -> SAP ERP ->
SAP ERP 6.0 -> Planning
-> SAP Business Suite Applications -> SAP CRM 7.0 > Plan
1.2.4 Related Operations Information

The SAP Application Interface Framework is based on an SAP NetWeaver 7.0 system.
Therefore, the general operations information for the following areas is covered in the
operations guide of SAP NetWeaver:
Technical system landscape
Overview of technical runtime scenarios, which result from setting up the corresponding
business scenarios
Backup and recovery
High availability concept
Starting and stopping (by which means and in which sequence)
Scenario administration concept (possible dependencies between scenario components)
Concept for data archiving and management of outdated technical data
Software change management
Scenario maintenance concept
Concept for handling customer development
Support desk management
Troubleshooting
You can find more information about the corresponding operations guides for SAP
NetWeaver in the following table:
Title
Operations guides available for SAP
NetWeaver
Location
http://service.sap.com/installnw70
under SAP NetWeaver 7.0 -> Operations
SAP NetWeaver Administrators Guide

Technical Operations Manual
SAP Help Portal at

http://help.sap.com/nw70 under System
Administration -> Technical Operations Manual
For a complete list of the available SAP Operations Guides, see
August 2012
1 Getting Started
The operations information that is specific to SAP Application Interface Framework is
included in the Application Help of the SAP Application Interface Framework in the
sections The SAP Application Interface Framework for Business Users and The SAP
Application Interface Framework for IT Personnel. In these sections the following topics are
covered:
Monitoring concept
Logging and tracing
Technical configuration
Periodical tasks
Concepts for monitoring, error handling, restart, and recovery of interfaces
August 2012
1 Getting Started
1.3 Important SAP Notes

You must read the following SAP Notes before you start the installation. These SAP Notes
contain the most recent information on the installation, as well as corrections to the
installation documentation.
Make sure that you have the up-to-date version of each SAP Note, which you can find on
SAP Service Marketplace at http://service.sap.com/notes.
Installation Notes
SAP Note Number
Title
Description
1747710
AIF 701: Installation Note
See this note for the detailed

information about installing
the main component AIF 701
of SAP Application Interface
Framework 2.0.
1747711
AIFX 701: Installation Note

information about installing
the optional component AIFX
701 of SAP Application
Interface Framework 2.0.
1530212
SAP Application Interface

Framework FAQ
See this note for frequently

asked questions about the
Framework.
Relevant Notes of SAP NetWeaver

SAP Note Number
Title
Description
1684718
WDA: Transaction WDYID Configuration ID is lost
Only needed if you install the

optional component AIFX
701 and use Monitoring and
Error Handling (Web) from
the SAP Easy Access menu.
1241303
Dynamic documents: Multiple

registration of events
In a dynamic document, as it
is used in the Interface
Overview transaction of the
Framework, form elements
such as pushbuttons, input
fields, selection lists, and
hyperlinks respond several
times to an event.
1726101
Tables with more then five

key elements are not
supported
This note is only needed if

you install the optional
component AIFX 701 and
use the Service
Implementation Workbench
(SIW) template.
1705786
SIW: Language conflict with

LOCAL packages

10
August 2012
1 Getting Started
use the SIW template.
1698269
SIW: Misleading error

message

1718473
SIW: Dump after leaving

ungenerated project

August 2012
11
2 SAP Application Interface Framework Overview

2 SAP Application Interface Framework

Overview
The SAP Application Interface Framework enables you to develop and monitor interfaces as
well as execute error handling in a single framework residing in your SAP backend system.
Possible sources of demand for SAP Application Interface Framework are:
You have a complex, heterogeneous system landscape
You want to decouple technical and business aspects of your interfaces, thus
enabling business users to perform error handling
You use different technologies to implement interfaces, so you have duplicate efforts
for implementing the same logic in multiple technologies
You have to use multiple monitoring tools for different basis technologies and would
like to use one tool to simplify the monitoring and error handling
You experience difficulties in enforcing interface implementation guidelines
You need to restrict access to interface data to fulfill your regulatory or company
compliance rules
SAP Application Interface Framework enables you to:
Implement interfaces in an easy and structured way mainly based on Customizing
Re-use interface building blocks (checks, structure mappings, value mappings,
actions, functions) inside of multiple interfaces and for different basis technologies
Do functional instead of technical monitoring
Restrict interface data and error monitor access by flexible authorization rules
Enforce interface implementation guidelines
SAP Application Interface Framework provides you with the following functions:
A powerful framework for the implementation of interfaces
A user-friendly transaction for interface monitoring and error handling
Tools for configuration and operations
The following chapters give an overview of the software components that are required within
the SAP Application Interface Framework and its business scenarios.
12
August 2012

2.1 Software Units of the SAP Application Interface Framework
2.1 Software Units of the SAP Application

Interface Framework
The following table contains the software units that you require to set up your system
landscape:
Software Unit
Release
SAP Application Interface Framework 2.0 (component AIF)
701
SAP NetWeaver
700, SP17 or above
If you want to use the Web-based Monitoring and Error Handling transaction, the Service
Implementation Workbench (SIW) to generate AIF interfaces, or the integration with the Error
and Conflict Handler (ECH), the minimum requirements are the following:
Software Unit
Release
SAP Application Interface Framework (component AIF)
701
SAP Application Interface Framework Extension (component AIFX)
701
SAP NetWeaver
731, SP01 or above
Make sure all the relevant and available support packages (SPs) and
enhancement packages (EHPs) are also applied when any of the above
software units are installed. For the latest component version and patch level
requirements, see http://service.sap.com/sp-stacks.
August 2012
13
2.2 Software Component Matrix

Supported Integration Scenarios
The SAP Application Interface Framework can be used on any SAP application system
based on SAP NetWeaver 7.0 SP17 (or above). This is why the Master Guide cannot cover
all possible integration scenarios. Only a limited number of common integration scenarios are
covered:
Integration scenario SAP ERP
Integration scenario SAP SRM
Integration scenario SAP ERP + SAP CRM
IDoc integration scenarios
o
o
o
o
Monitor existing IDocs in the Monitoring and Error Handling transaction

Process IDocs using AIF and call an IDoc function module in an action
Process IDocs using AIF and call a BAPI in an action
Process IDocs using ALE and write index tables with the AIF enabler
With the SAP Application Interface Framework, you can use one or multiple interface
technologies (for example, proxy messages or IDocs) for integration and monitoring. For any
integration scenario you are using, you need to make sure that the systems you want to
connect are capable of handling the chosen interface technology. You also need to make
sure to use one of the interface technologies supported by the SAP Application Interface
Framework or to implement the support for the chosen interface technology in the SAP
Application Interface Framework using a custom engine.
The table below shows the mapping of the software units to each of the integration scenarios
to build a system landscape with the SAP Application Interface Framework. You can see
which software units are mandatory and which other software units are optional to realize
each integration scenario.
Integration Scenario SAP ERP
Software Unit Installation
Obligatory or
Optional
Comments
SAP Application Interface Framework add-on based

on SAP NetWeaver 7.0
Obligatory
SAP NetWeaver 7.0 or the Enhancement Packages

for 7.0
Obligatory
Optional
SAP ERP 6.0 or the Enhancement Packages for 6.0
Obligatory
Obligatory or
Optional
Comments

Obligatory
Obligatory
Integration Scenario SAP SRM
14
August 2012

2.2 Software Component Matrix
for 7.0
Optional
SAP SRM 7.0
Obligatory
Obligatory or
Optional
Comments

Obligatory

for 7.0
Obligatory
Optional
SAP ERP 6.0 or the Enhancement Packages for 6.0
Obligatory
SAP CRM 7.0
Obligatory
Integration Scenario SAP ERP + SAP CRM
IDoc Integration Scenarios

There are multiple interface integration scenarios which can be built using IDoc technology.
Depending on the integration scenario used, different features of the SAP Application
Interface Framework are available. It is possible to use multiples of these integration
scenarios for different interfaces.
The following four different scenarios, in which you can process and monitor IDocs, are
available:
IDoc Scenario 1: Monitoring of existing IDocs in Monitoring and Error Handling
IDoc Scenario 2: Processing IDocs using AIF and calling an IDoc function module in
an action
IDoc Scenario 3: Processing IDocs using AIF and calling a BAPI in an action
IDoc Scenario 4: Processing IDocs using ALE and writing index tables with the AIF
enabler
More detailed descriptions about these scenarios, as well as the corresponding features of
the SAP Application Interface Framework 2.0, can be found in the Application Help
(http://help.sap.com/aif, Technology Support -> IDoc Support -> IDoc Scenarios).
Based on your integration scenario, you can implement various business processes. The
SAP Application Interface Framework does not provide standard business processes.
Instead, you have to implement your own business processes and corresponding interfaces
using the SAP Application Interface Framework.
This Master Guide provides just one way to implement each business
scenario. For other ways to implement business scenarios, see the Scenario
& Process Component List in SAP Service Marketplace at
http://service.sap.com/scl. The Scenario & Process Component List
helps you to find realization alternatives for SAP solutions, business
scenarios, and processes. It shows you which application components are
needed to realize a business scenario or process.
August 2012
15

2.3 System Landscape

The SAP Application Interface Framework offers various system landscape options
depending on the customers business requirements and possible system deployments. In
the following section, exemplary system deployments are presented with the characteristics
and restrictions of each case.
General
The integration scenarios involve at least 2 systems, that is, a legacy system and an SAP
backend system that contains the SAP Application Interface Framework. The integration
scenarios can optionally involve an SAP NetWeaver PI. The legacy system can be any
system that is able to exchange information with directly with the SAP backend system or
with the SAP NetWeaver PI system. Every SAP application system based on SAP
NetWeaver 7.0 SP17 (and above) is supported as the SAP backend system.
For any integration scenario you are using, you need to make sure that the systems you want
to connect are capable of handling the chosen interface technology.
SAP Backend
System
Legacy System
SAP NetWeaver PI
SAP Application
Interface
Framework
AddOn
In your business processes, the legacy system can act as sender or receiver of information.
As a sender, the legacy system is the data source and sends data directly to the SAP
backend system or to the SAP NetWeaver PI system.
If you choose to use direct integration between the legacy system and the SAP backend
system, data is sent directly from the legacy system to the SAP backend system.
If you choose to use SAP NetWeaver PI for integration, SAP NetWeaver PI can act as the
information broker, provide security features, and offer many other technical integration
capabilities. Here, the technical mapping of the data structures or technical format
conversions (for example, using existing adapters) can be executed. If the communication
channel in your SAP NetWeaver PI is correctly configured, the message is sent to your SAP
backend system. The SAP Application Interface Framework resides within the SAP backend
system and provides different additional features depending on the chosen integration
scenario.
If data is sent through the SAP NetWeaver PI system, you have the option to use different
interface technologies for communication between the legacy system and SAP NetWeaver PI
and between SAP NetWeaver PI and the SAP backend system. In this case, a technical
format conversion needs to be done in SAP NetWeaver PI to translate from one interface
technology to the other.
In both scenarios, the SAP Application Interface Framework in the SAP backend system
provides the monitoring and error handling functionality.
Note that the interface setting, mapping, interface variants, and error handling
settings in the SAP Application Interface Framework are client-dependent.
You have to make sure that message processing and error handling is
executed in the correct client.
16
August 2012

As a receiver, the legacy system is the consumer of information sent by the SAP backend
system using the SAP Application Interface Framework. When triggered manually or by an
application, the SAP Application Interface Framework executes the mapping from the internal
to the external structure and sends the information in the external format directly to the legacy
system or to SAP NetWeaver PI.
If you choose to use direct integration between the SAP backend system and the legacy
system, data is sent directly from the SAP backend system to the legacy system.
If you choose to use SAP NetWeaver PI for integration, SAP NetWeaver PI can act as the
information broker, provide security features, and offer many other technical integration
capabilities. Here, the technical mapping of the data structures or technical format
conversions (for example, using existing adapters) can be executed. If the communication
channel in your SAP NetWeaver PI is correctly configured, the message is sent to the legacy
system.
If data is sent through the SAP NetWeaver PI system, you have the option to use different
interface technologies for communication between the SAP backend system and SAP
NetWeaver PI and between SAP NetWeaver PI and the legacy system. In this case, a
technical format conversion needs to be done in SAP NetWeaver PI to translate from one
interface technology to the other.
Example 1: SAP Application Interface Framework installed on SAP ERP
In this example, an SAP ERP system acts as the SAP backend system as described in the
general scenario above.
Legacy System
SAP ERP
SAP NetWeaver PI
SAP Application
Interface
Framework
AddOn
Example 2: SAP Application Interface Framework installed on SAP SRM

In this example, an SAP SRM system acts as the SAP backend system as described in the
general scenario above.
Legacy System
SAP SRM
SAP NetWeaver PI
SAP Application
Interface
Framework
AddOn
Example 3: SAP Application Interface Framework installed on SAP ERP and SAP CRM
August 2012
17

In this example, there is more than one SAP backend system. Every SAP backend system
requires its own installation of the SAP Application Interface Framework.
Legacy System
SAP ERP
SAP Application
Interface
Framework
AddOn
SAP CRM
SAP NetWeaver PI
SAP Application
Interface
Framework
AddOn
We strongly recommend that you use a minimal system landscape for test
and demo purposes only. For performance, scalability, high availability, and
security reasons, do not use a minimal system landscape as your production
landscape.
18
August 2012

2.4 Overall Implementation Sequence
2.4 Overall Implementation Sequence

Purpose
The following table describes the overall installation sequence the SAP Application Interface
Framework. This table contains all available software units.
For the latest component version and patch level requirements, see the Support Package
Stack Guide on the SAP Service Marketplace at http://service.sap.com/.
For documentation listed in the following table, see References.
Process
Implementation Sequence
Step
Action
[Required Documentation]
Perform the installation of component AIF

701.
[SAP Note: 1747710]
Perform the (optional) installation of

component AIFX 701.
[SAP Note: 1747711]
Transport the delivered default Customizing

into target clients.
The delivered Customizing will

be imported only into client 000;
from there you can copy it into
your target clients.
Generate number ranges with report

/AIF/GENERATE_NUMBER_RANGES
Number ranges are not delivered

automatically; the mentioned
report does not overwrite
existing number ranges.
Read the FAQ for the SAP Application

Interface Framework.
[SAP Note: 1530212]
See this note for frequently

asked questions about the steps
that are necessary after the
installation of the SAP
Application Interface Framework.
Customize settings for the SAP Application

[Application Help for the SAP Application
Interface Framework 701,
in SAP Help Portal at
http://help.sap.com/
-> SAP Business Suite -> SAP ERP Add-Ons
-> SAP Application Interface Framework]
Or directly at http://help.sap.com/aif
August 2012
Remarks/Subsequent Steps
19
3 Business Scenarios of the SAP Application Interface Framework
3 Business Scenarios of the SAP

The SAP Application Interface Framework tool does not provide its own business scenarios.
When you develop interfaces with this tool, you can maintain the business process
information in the SAP Solution Manager. For more information on how to maintain business
process information, view the documentation about Business Blueprints in the help of the
SAP Solution Manager in the SAP Help Portal at http://help.sap.com/ -> Application
Lifecycle Management ->SAP Solution Manager -> SAP Solution Manager 7.0.
20
August 2012
4 Security Considerations
This section provides an overview of the security considerations that are specific to the SAP
The SAP Application Interface Framework is built on a SAP NetWeaver 700 system.
Therefore, the corresponding security settings also apply to the SAP Application Interface
Framework.
4.1 Fundamental Security Guides

For a complete list of the available SAP security guides, see SAP Security Guides on SAP
Service Marketplace at http://service.sap.com/securityguide. The current version
of the SAP NetWeaver security guide, which deals with general security issues, is also
available via this quick link.
Additional Information
For more information about specific security topics, see the following locations on SAP Service
Marketplace as shown in the table below:
Content
Location
Security
Security Guides
Released Platforms
Network Security
Infrastructure Security
SAP Solution Manager
http://service.sap.com/security
http://service.sap.com/platforms
http://service.sap.com/solutionmanager
August 2012
21
4.2 Authorization Objects

The SAP Application Interface Framework allows you to specify various authorization
settings. In the following sections, each authorization object is explained with its description
and technical attributes.
4.2.1 Authorization Object for Interface

Processing /AIF/PROC
Definition
The authorization object /AIF/PROC is used by the system to check the users authorization
for processing a data message of a given interface in the SAP Application Interface
Framework.
Authorization Fields
Field Name
Heading
Authorization Object Setting
ACTVT
Activity
You can enter the following activities:

Import (60)
Export (61)
Resubmit (A4)
/AIF/NS
Namespace
This field refers to a namespace in the SAP

/AIF/IF
Interface Name
This field refers to an interface name in the

/AIF/IFVER
Interface Version
This field refers to an interface version in the

/AIF/VNS
Variant Namespace
This field refers to a variant namespace name

in the SAP Application Interface Framework
/AIF/VNAME
Name of Interface
Variant
This field refers to a variant name in the SAP

Usage
Messages are processed by a specific user. This user requires the authorization to (re-)
process data messages in the SAP Application Interface Framework.
The user PIAPPL is assigned the authorization to process data messages for
all namespaces, interface names, interface versions, and if applicable, variant
namespace and name.
22
August 2012
4.2.2 Authorization Object for Customizing

Steps /AIF/CUST
Definition
The authorization object /AIF/CUST is used by the system to check the users authorization
for a Customizing activity in the SAP Application Interface Framework.
Field Name
Heading
ACTVT
Activity

Change (02)
Display (03)
/AIF/NS
Namespace

/AIF/MC
Customizing view
For available values, see table below
Usage
The field /AIF/NS can contain any namespace name. By specifying the namespace field, you
can limit the users authorization for Customizing activities to the specified namespaces.
An interface developer is authorized to create, edit, and delete interfaces in
namespace X but not Y.
For the field name /AIF/MC, the following values are allowed:
Value
Description
/AIF/NS
Define Namespaces
/AIF/ACTIONS
Define Actions
/AIF/CHECKS
Define Checks
/AIF/RECTYPES
Define Record Types
/AIF/FIXVALUES
Define Fix Values
/AIF/VALMAPS
Define Value Mappings
/AIF/V_FINF
Define Interfaces
/AIF/SMAP
Define Structure Mapping
/AIF/IFDET
Interface Determination
/AIF/SYSNAMES
Define Business Systems
/AIF/ERROR_HDL
Error Handling -> Define Applications
/AIF/ERROR_GLB
Error Handling -> Global Features
/AIF/ERROR_NS
Error Handling -> Define Namespace-Dependent Features
/AIF/ERROR_IF
Error Handling -> Define Interface-Dependent Features
/AIF/ALERT
Error Handling -> Define Recipients
/AIF/V_VARIANT
Interface Variants -> Define Interface Variants
August 2012
23
/AIF/V_IFKEY
Interface Variants -> Define Interface Key Fields
/AIF/V_VA_ASSIGN
Interface Variants -> Define Assigning Tables
/AIF/VARIANT_MAPPINGS
Interface Variants -> Define Variant Mappings
4.2.3 Authorization Objects for Error Handling

/AIF/ERR
Definition
The authorization object /AIF/ERR is used by the system to check the users authorization for
error handling in the SAP Application Interface Framework.
Field Name
Heading
ACTVT
Activity

Execute (16) (means selecting from index tables)
Archive (24) (means starting the archiving report
using SARA)
Reload (25) (means restoring archived data using
SARA)
Read (33)
Write (34)
Display archive (56)
Administer (70) (means qRFC monitoring)
Analyze (71) (means displaying application log
messages)
Remove (75) (means canceling a message)
Resubmit (A4) (means restarting a message)
General overview (GL) (means XML monitoring)
/AIF/NS
Namespace

/AIF/IF
Interface Name
This field refers to an interface name in the SAP

/AIF/IFVER
Interface Version
This field refers to an interface version in the SAP

Usage
Using the activity field, you specify the actions that a user can execute in the system. You
might want to specify a user who only has read access to the transaction. You can further
limit the authorization by namespace, interface name, and interface version. As a result, the
user can execute the specified activities only for the defined namespace / interface name /
interface version combination.
24
August 2012
4.2.4 Authorization Object for Technical Error

Handling /AIF/TECH
Definition
The authorization object /AIF/TECH is used by the system to check the users authorization
for the technical mode of error handling in the SAP Application Interface Framework.
Field Name
Heading
ACTVT
Activity
You can enter the following activity:

Activate (63)
Usage
This authorization object does not have any parameters or activities. If a user does not have
the authorization, the Technical Mode checkbox in the selection screen and the Technical
Mode pushbutton in the main screen of the Monitoring and Error Handling transaction are
hidden.
4.2.5 Authorization Object for Emergency

Corrections /AIF/EMC
Definition
The authorization object /AIF/EMC is used by the system to check the users authorization for
emergency corrections in the error handling of the SAP Application Interface Framework.
Field Name
Heading
ACTVT
Activity

Execute (16)
Read (33)
Write (34)
Administer (70)
Analyze (71)
Remove (75)
Resubmit (A4)
General overview (GL)
/AIF/NS
Namespace

Usage
Using the activity field, you specify the actions the user can execute in emergency correction
mode in the Monitoring and Error Handling transaction. You can further limit the authority to
execute the actions in emergency correction mode based on the interface namespace.
When executing the Monitoring and Error Handling transaction, the user first has to enter a
namespace and press the ENTER key. The system then checks the authorization for
emergency corrections and displays the Emergency Correction Mode checkbox, if applicable.
August 2012
25
4.2.4 Authorization Objects for Custom

Functions /AIF/CFUNC
Definition
The authorization object /AIF/CFUNC is used by the system to check the users authorization
for custom functions for error handling in the SAP Application Interface Framework.
Field Name
Heading
ACTVT
Activity

Create or generate (01)
Change (02)
Display (03)
Delete (06)
Execute (16) (means executing in the Monitoring and
Error Handling transaction)
/AIF/NS
Namespace

/AIF/IF
Interface Name

/AIF/IFVER
Interface Version

/AIF/NSREC
Namespace of
Recipient
Not used at the moment; enter *
/AIF/VISI
Visibility
/AIF/OTHUS
Authorization for
other users
Usage
Using the activity field, you specify the actions the user can execute in Custom Functions in
the Monitoring and Error Handling transaction and the corresponding maintenance views for
custom functions.
4.2.4 Authorization Objects for Custom Hints

/AIF/HINTS
Definition
The authorization object /AIF/HINTS is used by the system to check the users authorization
for custom hints for error handling in the SAP Application Interface Framework.
Field Name
Heading
ACTVT
Activity
26
August 2012

Change (02)
Display (03)
Delete (06)
/AIF/NS
Namespace

/AIF/IF
Interface Name

/AIF/IFVER
Interface Version

/AIF/NSREC
Namespace of
Recipient
/AIF/VISI
Visibility
/AIF/OTHUS
Authorization for
other users
Usage
Using the activity field, you specify the actions the user can execute in Custom Hints in the
Monitoring and Error Handling transaction and the corresponding maintenance views of the
custom hints.
4.2.4 Authorization Object for Interface

Determination /AIF/IFDET
Definition
The authorization object /AIF/IFDET is used by the system to check the users authorization
for maintaining interface determination in the SAP Application Interface Framework.
Field Name
Heading
/AIF/IDTY
Application
Engine Identifier
Type of application engine:

000: Proxy
001: IDoc
002: XML
003: Test File
004: ECH
/AIF/NS
Namespace
Namespace of a customer-specific engine
/AIF/IDCTY
Identifier for a
CustomerSpecific AIF
Interface Type
Identifier of a customer-specific engine
/AIF/IDN1
Name 1 of
Interface Type
First key field of an engine
August 2012
27
/AIF/IDN2
Name 2 of
Interface Type
Second key field of an engine
ACTVT
Activity
You can enter the following activity:

Change (02)
Display (03)
Delete (06)
Usage
Using the activity field, you specify the actions the user can execute in the corresponding
maintenance views of interface determination.
4.2.6 Authorization Object for Value Mapping

Maintenance /AIF/VMAP
Definition
The authorization object /AIF/VMAP is used by the system to check the users authorization
to display and / or update value mappings in the value mapping transaction of the SAP
Field Name
Heading
ACTVT
Activity

Change (02)
Display (03)
/AIF/NS
Namespace

/AIF/VMAP
Value Mapping
This field refers to a value mapping name in

the SAP Application Interface Framework
/AIF/BSKEY
Key Name of Business

System
This field refers to a business system name
Usage
The authorization object protects the display/update of value mappings.
The authorization will be checked only in the value mapping transaction
/AIF/VMAP (and derived transaction variants), not in the Customizing activity
Define Value Mappings.
28
August 2012
4.3 Template Roles

The SAP Application Interface Framework provides predefined template roles that you can
change or copy in order to define roles for your specific requirements.
4.3.1 Single Roles

The single roles delivered with the SAP Application Interface Framework provide suggestions
for the combination of different authorization objects and values in a role to fulfill a specific
task.
4.3.1.1 /AIF/CORRECT_DATA
You assign the role /AIF/CORRECT_DATA to users who are responsible for data consistency
in the SAP Application Interface Framework. The user has the authority to examine interface
data, correct inconsistencies, and execute the Monitoring and Error Handling transaction.
You could also assign this role to a batch user that is used to execute the Data Correction
Report on a regular basis as a background job.
The template role contains the following authorization data:
Authorization
Field
Values
Object
S_TCODE
TCD (Transaction Code)
/AIF/CORRECTIONS, /AIF/IDXTBL
/AIF/ERR
/AIF/NS (Namespace)
(no value predefined)
/AIF/IF (Interface Name)
/AIF/IFVER (Interface
Version)
ACTVT (Activity)
16 (Execute)
Note that the values for namespace, interface name, and interface version are
not predetermined. In order to use the role, you have to fill these fields with
your custom names.
4.3.1.2 /AIF/CUST_CHANGE
You assign the role /AIF/CUST_CHANGE to users who have the responsibility to maintain
Customizing for the SAP Application Interface Framework. This involves changing interface
data, error handling settings, as well as interface variants. The user does not have the
authorization to process message data or change values in the Monitoring and Error
Handling transaction.
Authorization
Object
Field
Values
S_TCODE
/AIF/CUST, /AIF/CUST_OVERVIEW,
/AIF/CUST_SMAP_COPY,
/AIF/DEL_STRUC_CACHE,
/AIF/IF_TRACE, /AIF/RECIPIENTS
/AIF/CUST
/AIF/NS (Namespace)
/AIF/MC (Customizing
view)
/AIF/ACTIONS, /AIF/ALERT,
/AIF/CHECKS, /AIF/ERROR_GLB,
/AIF/ERROR_HDL, /AIF/ERROR_IF,
/AIF/ERROR_NS, /AIF/FIXVALUES,
August 2012
29
/AIF/IFDET, /AIF/NS, /AIF/RECTYPES,

/AIF/SMAP, /AIF/T_TRACE_LV,
/AIF/VALMAPS,
/AIF/VARIANT_MAPPINGS,
/AIF/V_FINF, /AIF/V_FINF_TL,
/AIF/V_IFKEY, /AIF/V_SYSNAMES,
/AIF/V_VARIANT, /AIF/V_VA_ASSIGN
/AIF/ERR
S_TABU_DIS
ACTVT (Activity)
02 (Change), 03 (Display)
/AIF/NS (Namespace)
Version)
ACTVT (Activity)
16 (Execute), 33 (Read)
ACTVT (Activity)
DICBERCLS
(Authorization Group)
AIF
your custom names.
4.3.1.3 /AIF/CUST_DISPLAY
You assign the role /AIF/CUST_DISPLAY to users who require display authorization for
Customizing for the SAP Application Interface Framework. This involves read access to
interface data, error handling settings, as well as interface variants. The role is designed for
business users with a technical background, who need to understand the steps in the
mapping, or interface developers after the development of a specific interface is finished.
Note that you can also limit the Customizing views that the user can display,
for example, only value mappings in a specific namespace.
Authorization
Object
Field
Values
S_TCODE
/AIF/CUST, /AIF/CUST_OVERVIEW,
/AIF/IF_TRACE, /AIF/RECIPIENTS
/AIF/CUST
/AIF/NS (Namespace)
/AIF/MC (Customizing
view)
/AIF/ACTIONS, /AIF/ALERT, /AIF/CHECKS,

/AIF/ERROR_GLB, /AIF/ERROR_HDL,
/AIF/ERROR_IF, /AIF/ERROR_NS,
/AIF/FIXVALUES, /AIF/IFDET, /AIF/NS,
/AIF/RECTYPES, /AIF/SMAP,
/AIF/T_TRACE_LV, /AIF/VALMAPS,
/AIF/VARIANT_MAPPINGS, /AIF/V_FINF,
/AIF/V_FINF_TL, /AIF/V_IFKEY,
/AIF/V_SYSNAMES, /AIF/V_VARIANT,
/AIF/V_VA_ASSIGN
ACTVT (Activity)
03 (Display)
30
August 2012
/AIF/ERR
S_TABU_DIS
/AIF/NS (Namespace)
Version)
ACTVT (Activity)
16 (Execute), 33 (Read)
ACTVT (Activity)
03 (Display)
DICBERCLS (Authorization
Group)
AIF
your custom names.
4.3.1.4 /AIF/DATA_CHANGE_LOG
You assign the role /AIF/DATA_CHANGE_LOG to users who have the responsibility to check
the changes made to the messages contents in the Monitoring and Error Handling
transaction by a business user. This user has the authorization to execute the Monitoring and
Error Handling transaction, as well as execute the Error Handling Changes Log to analyze
the changes.
Note that a user with this role might have access to personal information, for
example, which user changed a specific part of a data message at a certain
time.
Authorization
Object
Field
Values
S_TCODE
/AIF/EDCHANGES
/AIF/ERR
/AIF/NS (Namespace)
Version)
ACTVT (Activity)
16 (Execute)
your custom names.
4.3.1.5 /AIF/ERRHDL_CHANGE
You assign the role /AIF/ERRHDL_CHANGE to users who have the responsibility to carry out
error handling, make changes to predefined fields of data messages, and/or resubmit or
cancel data messages. Users with this role can also view the Monitoring and Error Handling
transaction in the technical mode, which allows them, for example, to transform the message
for test reasons. Note that this role does not include the authorization to display or maintain
value mappings. It is recommended to assign this role on the basis of specific namespaces /
interface names / interface versions to make sure that the user has the knowledge and
authority to change the corresponding data messages.
August 2012
31
Authorization
Object
Field
Values
S_TCODE
/AIF/ERR, /AIF/ERR_BASE,
/AIF/IFMON
/AIF/ERR
/AIF/NS (Namespace)
Version)
ACTVT (Activity)
16 (Execute), 33 (Read), 34 (Write), 70

(Administer), 71 (Analyze), 75
(Remove), A4 (Resubmit), GL (General
overview)
ACTVT (Activity)
63 (Activate)
/AIF/TECH
your custom names.
4.3.1.6 /AIF/ERRHDL_CHANGE_EMC
You assign the role /AIF/ERRHDL_CHANGE_EMC to users who have the responsibility to
carry out emergency corrections in the error handling, that is, make changes to any field in
the data messages and/or resubmit or cancel them.
When executing the Monitoring and Error Handling transaction, the user with this role will first
have to enter a namespace and press the ENTER key. The system will then check the
authorization for emergency corrections and display the Emergency Correction Mode
checkbox, if applicable. This role will also allow the user to use the technical mode in the
Monitoring and Error Handling transaction.
Note that this role allows making changes in message fields that are not
explicitly released for changes. It is recommended not to assign this role to
normal business users but only to users who are properly trained and trusted
to carry out emergency corrections for an interface.
Authorization
Object
Field
Values
S_TCODE
/AIF/IFMON
/AIF/EMC
/AIF/NS (Namespace)
ACTVT

overview)
/AIF/NS (Namespace)
Version)
/AIF/ERR
32
August 2012
/AIF/TECH
ACTVT (Activity)

overview)
ACTVT (Activity)
63 (Activate)
Note that the values for namespace, value mapping, and key name of
business system are not predetermined. In order to use the role, you have to
fill these fields with your custom names.
4.3.1.7 /AIF/ERRHDL_DISPLAY
You assign the role /AIF/ERRHDL_CHANGE to users who have the responsibility to analyze
message data for error handling but are not authorized to change message data or reprocess
/ cancel the messages. Users with this role can also view the Monitoring and Error Handling
transaction in the technical mode, which allows them to transform the message for test
reasons.
Authorization
Object
Field
Values
S_TCODE
/AIF/IFMON
/AIF/ERR
/AIF/NS (Namespace)
Version)
ACTVT (Activity)
16 (Execute), 33 (Read), GL (General

overview)
ACTVT (Activity)
63 (Activate)
/AIF/TECH
your custom names.
4.3.1.8 /AIF/ERRHDL_DISPLAY_EMC
You assign the role /AIF/ERRHDL_DISPLAY_EMC to users who have the responsibility of
analyzing message data for error handling in emergency correction mode but are not
authorized to change message data or reprocess / cancel the messages. Users with this role
can also view the Monitoring and Error Handling transaction in the technical mode, which
allows them to transform the message for test reasons.
Note that users with this role have the authorization to view and select the
emergency correction checkbox but not to carry out emergency corrections,
since they only have read access to the data.
Authorization
Object
Field
Values
S_TCODE
August 2012
33
/AIF/IFMON
/AIF/EMC
/AIF/ERR
/AIF/TECH
/AIF/NS (Namespace)
ACTVT

overview)
/AIF/NS (Namespace)
Version)
ACTVT (Activity)

overview)
ACTVT (Activity)
63 (Activate)
your custom names.
4.3.1.9 /AIF/LOG_DISPLAY
You assign the role /AIF/LOG_DISPLAY to users who have the responsibility to check the
messages in the application log raised by the SAP Application Interface Framework but do
not necessarily have to execute the error handling transaction.
Note that users with this authorization can access the log messages from
data messages of any interface.
Authorization
Object
Field
Values
S_TCODE
/AIF/LOG
4.3.1.10 /AIF/MESSAGE_NOTIFICATION
You assign the role /AIF/MESSAGE_NOTIFICATION to users who should be able to run the
Message Overview Notification report.
Authorization
Object
Field
Values
S_TCODE
/AIF/MSGNOTI
4.3.1.11 /AIF/MSG_STAT_SNAP_SHOT
You assign the role /AIF/MSG_STAT_SNAP_SHOT to users who have the responsibility to
create or display snapshots of statistics and summary data for messages in the SAP
Note that users with this authorization can access the statistics data for all
available interfaces and can find out how the recipient assignment is
configured in the system.
34
August 2012
Authorization
Object
Field
Values
S_TCODE
/AIF/DISPMSGSNAP,
/AIF/GENMSGSNAP
4.3.1.12 /AIF/PERFORMANCE_ANALYSIS
You assign the role /AIF/PERFORMANCE_ANALYSIS to users who have the responsibility
to monitor or analyze the performance of the operations executed by the SAP Application
Interface Framework. The role allows access to the Performance Analysis Help transaction.
This role is recommended for interface developers during implementation of the interface and
system administrators responsible for monitoring system performance.
Authorization
Object
Field
Values
S_TCODE
/AIF/PERFORMANCE
/AIF/ERR
/AIF/NS (Namespace)
Version)
ACTVT (Activity)
16 (Execute), 71 (Analyze)
your custom names.
4.3.1.13 /AIF/PROCESS_INB
You assign the role /AIF/PROCESS_INB to the users who are required to process inbound
interface data. This could either be a batch user responsible for message processing or a
dialog user under whose name the message is processed.
Authorization
Object
Field
Values
/AIF/PROC
/AIF/NS (Namespace)
Version)
/AIF/VNS (Variant
Namespace)
/AIF/VNAME (Name of
interface variant)
ACTVT (Activity)
60 (Import)
Note that the values for namespace, interface name, interface version, variant
namespace, and interface variant name are not predetermined. In order to
use the role, you have to fill these fields with your custom names.
August 2012
35
4.3.1.14 /AIF/PROCESS_OUTB
You assign the role /AIF/PROCESS_OUTB to the users who are required to process
outbound interface data. This could either be a batch user responsible for message
processing or a dialog user under whose name the message is processed.
Authorization
Object
Field
Values
/AIF/PROC
/AIF/NS (Namespace)
Version)
/AIF/VNS (Variant
Namespace)
/AIF/VNAME (Name of
interface variant)
ACTVT (Activity)
61 (Export)
4.3.1.15 /AIF/PROCESS_RES
You assign the role /AIF/PROCESS_RES to the users who are responsible for restarting
messages as part of the error handling. Note that the SAP Application Interface Framework
does not differentiate between restarting unchanged data messages and restarting data
messages that have been changed as part of the error handling.
Authorization
Object
Field
Values
/AIF/PROC
/AIF/NS (Namespace)
Version)
/AIF/VNS (Variant
Namespace)
/AIF/VNAME (Name of
interface variant)
ACTVT (Activity)
A4 (Resubmit)
4.3.1.16 /AIF/SWITCH_FRAMEWORK
36
August 2012
You assign the role /AIF/SWITCH_FRAMEWORK to users who should be able to access the
SAP Application Interface Framework internal switch framework.
Authorization
Object
Field
Values
S_TCODE
/AIF/MYTRANSPORTS,
/AIF/NEWDEVIDS, /AIF/NEWDEVPRO,
/AIF/TOPICDEF, /AIF/TOPICSTATUS,
/AIF/TOPICSTATUSH,
/AIF/TOPICSTATUSHALL,
/AIF/TOPICSTATUSINIT,
/AIF/USERATTR, /AIF/USERMGR,
/AIF/USERMGR2
4.3.1.17 /AIF/TEST_TOOL
You assign the role /AIF/TEST_TOOL to users who should be able to run the Interface Test
Tool. Since this report allows processing of self-defined data for any interface, it is
recommended not to use or to strictly limit access to this role in a productive system. This
role is suggested for interface developers who need to test their interfaces.
Authorization
Object
Field
Values
/AIF/T_CODE
/AIF/IFTEST
/AIF/PROC
/AIF/NS (Namespace)
Version)
/AIF/VNS (Variant
Namespace)
/AIF/VNAME (Name of
interface variant)
ACTVT (Activity)
61 (Export)
4.3.1.18 /AIF/VMAP_CHANGE
You assign the role /AIF/VMAP_CHANGE to users who are responsible for maintaining value
mappings in a specific namespace and/or for a specific business system.
Authorization
Object
Field
Values
/AIF/T_CODE
/AIF/VMAP, /AIF/VMAP_BASE
/AIF/VMAP
/AIF/NS (Namespace)
/AIF/VMAP (Value
August 2012
37
Mapping)
/AIF/BSKEY (Key Name of
Business System)
ACTVT (Activity)
4.3.1.19 /AIF/VMAP_DISPLAY
You assign the role /AIF/VMAP_CHANGE to users who should be able to analyze, but not
change, value mappings in a specific namespace and/or for a specific business system.
Authorization
Object
Field
Values
/AIF/T_CODE
/AIF/VMAP, /AIF/VMAP_BASE
/AIF/VMAP
/AIF/NS (Namespace)
/AIF/VMAP (Value
Mapping)
/AIF/BSKEY (Key Name of

Business System)
ACTVT (Activity)
03 (Display)
4.3.1.19 /AIF/ARC_CREATE
You assign the role /AIF/ARC_CREATE to users who should be able to create archives of the
XML persistence in a specific namespace or interface.
Authorization
Object
Field
Values
/AIF/T_CODE
SARA
/AIF/ERR
/AIF/NS (Namespace)
Version)
ACTVT (Activity)
56 (Display Archive)
S_ADMI_FCD
S_ADMI_FCD
S_ARCHIVE
ACTVT
01, 02, 03
38
August 2012
S_BTCH_JOB
S_BTCH_NAM
APPLIC
$APPLIC
ARCH_OBJ
/AIF/PERSX
JOBACTION
JOBGROUP
BTCUNAME
your custom names.
4.3.1.19 /AIF/ARC_DISPLAY
You assign the role /AIF/ARC_DISPLAY to users who should be able to display archives of
the XML persistence in a specific namespace or interface.
Authorization
Object
Field
Values
/AIF/T_CODE
SARA
/AIF/ERR
/AIF/NS (Namespace)
Version)
ACTVT (Activity)
56 (Display Archive)
S_ADMI_FCD
S_ADMI_FCD
S_ARCHIVE
ACTVT
03
APPLIC
$APPLIC
ARCH_OBJ
/AIF/PERSX
JOBACTION
JOBGROUP
BTCUNAME
S_BTCH_JOB
S_BTCH_NAM
your custom names.
4.3.1.19 /AIF/ARC_RELOAD
You assign the role /AIF/ARC_RELOAD to users who should be able to reload data from
archives of the XML persistence in a specific namespace or interface.
August 2012
39
Authorization
Object
Field
Values
/AIF/T_CODE
SARA
/AIF/ERR
/AIF/NS (Namespace)
Version)
ACTVT (Activity)
25 (Reload)
S_ADMI_FCD
S_ADMI_FCD
S_ARCHIVE
ACTVT
01, 02, 03
APPLIC
$APPLIC
ARCH_OBJ
/AIF/PERSX
JOBACTION
JOBGROUP
BTCUNAME
S_BTCH_JOB
S_BTCH_NAM
your custom names.
40
August 2012
4.3.2 Composite Roles

4.3.2.1 /AIF/ADMINISTRATOR
Purpose
You assign the role /AIF/ADMINISTRATOR to users who are responsible for system
administration. The role involves all authorizations required to analyze system operations. It
includes read access to the Customizing (though you might want to exchange
/AIF/CUST_DISPLAY with /AIF/CUST_CHANGE if the administrator is responsible for error
handling application setup), as well as read access to the error handling application, value
mappings, error handling change data, and application log messages. Additionally, the role
allows performance analysis and the creation or display of snapshots for messages in the
SAP Application Interface Framework.
Contained Roles
/AIF/ADMINISTRATOR is composed of the single roles
/AIF/CUST_DISPLAY
/AIF/DATA_CHANGE_LOG
/AIF/ERRHDL_DISPLAY
/AIF/LOG_DISPLAY
/AIF/MESSAGE_NOTIFICATION
/AIF/MSG_STAT_SNAP_SHOT
/AIF/PERFORMANCE_ANALYSIS
/AIF/SWITCH_FRAMEWORK
/AIF/VMAP_DISPLAY
/AIF/ARC_CREATE
/AIF/ARC_DISPLAY
4.3.2.2 /AIF/DATA_FIXER
Purpose
You assign the role /AIF/DATA_FIXER to users who are responsible for data consistency in
the SAP Application Interface Framework. For more information, see the documentation for
the single role /AIF/CORRECT_DATA.
Contained Roles
/AIF/DATA_FIXER contains the single role /AIF/CORRECT_DATA.
4.3.2.3 /AIF/INTERFACE_DEVELOPER
Purpose
You assign the role /AIF/INTERFACE_DEVELOPER to users who are responsible for
interface development. This role is recommended for all interface developers in the
development phase. The role involves authorization to change Customizing, which is required
to develop interfaces in the SAP Application Interface Framework. Additionally, the role
involves access to the functions of normal business users (role /AIF/BUSINESS_USER), the
Interface Test Tool, the application log messages, and the Performance Analysis tool.
August 2012
41
Note that you might want to limit the Customizing views the user can access.
Also be aware that the role /AIF/INTERFACE_DEVELOPER does not include
the developer role in the system. If the user is required to create function
modules, classes, or other development objects, the corresponding
authorization has to be assigned additionally.
Contained Roles
/AIF/INTERFACE_DEVELOPER is composed of the following single roles:
/AIF/CUST_CHANGE
/AIF/ERRHDL_CHANGE
/AIF/ERRHDL_DISPLAY
/AIF/LOG_DISPLAY
/AIF/PROCESS_INB
/AIF/PROCESS_OUTB
/AIF/PROCESS_RES
/AIF/TEST_TOOL
/AIF/VMAP_CHANGE
/AIF/VMAP_DISPLAY
4.3.2.4 /AIF/KEY_USER
Purpose
You assign the role /AIF/KEY_USER to users who are responsible for extended error
handling. This role is recommended for users who have to carry out critical error handling
operations that are not allowed for normal error handling as with the role
/AIF/BUSINESS_USER. In addition to the authorizations of the role /AIF/BUSINESS_USER,
this role includes the authorization to make error corrections in emergency mode.
Additionally, the users can run the Interface Test Tool, generate and display message
snapshots, and display log messages in the application log raised by the SAP Application
Note that users with this authorization can access the log messages from
data messages of any interface using transaction /AIF/LOG.
Contained Roles
/AIF/KEY_USER is composed of the single roles
/AIF/ERRHDL_CHANGE_EMC
/AIF/ERRHDL_DISPLAY_EMC
/AIF/LOG_DISPLAY
/AIF/PROCESS_INB
/AIF/PROCESS_OUTB
42
August 2012
/AIF/PROCESS_RES
/AIF/TEST_TOOL
/AIF/VMAP_CHANGE
/AIF/VMAP_DISPLAY
/AIF/ARC_CREATE
/AIF/ARC_DISPLAY
4.3.2.5 /AIF/BUSINESS_USER
Purpose
You assign the role /AIF/BUSINESS_USER to users who are responsible for error handling.
This role is recommended for all normal business users. It includes the authorization to
display and change fields of the message data in the Monitoring and Error Handling
transaction, restart and/or cancel data messages, and maintain value mappings. The role
does not include the authorization to carry out emergency corrections, view the Monitoring
and Error Handling transaction in technical mode, or display / change the configuration or
interface Customizing.
Note that you can limit the authorization to specific namespaces / interface
names / interface versions.
Contained Roles
/AIF/BUSINESS_USER is composed of the single roles
/AIF/ERRHDL_CHANGE
/AIF/ERRHDL_DISPLAY
/AIF/PROCESS_INB
/AIF/PROCESS_OUTB
/AIF/PROCESS_RES
/AIF/VMAP_CHANGE
/AIF/VMAP_DISPLAY
4.3.2.6 /AIF/ALL
Purpose
You assign the role /AIF/ALL to users who require read and write access to all parts of the
SAP Application Interface Framework. Users with this role can configure the SAP Application
Interface Framework, maintain interfaces, value mappings and interface variants, process
messages, and access log overviews. From a security perspective, it is not recommended to
assign this role.
Contained Roles
/AIF/ALL is composed of the following single roles:
/AIF/CORRECT_DATA
/AIF/CUST_CHANGE
/AIF/CUST_DISPLAY
/AIF/DATA_CHANGE_LOG
August 2012
43
/AIF/ERRHDL_CHANGE
/AIF/ERRHDL_CHANGE_EMC
/AIF/ERRHDL_DISPLAY
/AIF/ERRHDL_DISPLAY_EMC
/AIF/LOG_DISPLAY
/AIF/PROCESS_INB
/AIF/PROCESS_OUTB
/AIF/PROCESS_RES
/AIF/SWITCH_FRAMEWORK
/AIF/TEST_TOOL
/AIF/VMAP_CHANGE
/AIF/VMAP_DISPLAY
/AIF/ARC_CREATE
/AIF/ARC_DISPLAY
/AIF/ARC_RELOAD
44
August 2012
4.4 Interface- and Key-Field-Specific

Authorizations
Using the available Customizing activities within the SAP Application Interface Framework,
you are able to set up interface-specific and key field-specific authorizations. This lets you
specify authorizations on the basis of a single messages content. Assume, for example, that
a data message includes a plant and a business system identifier. A business user is
responsible only for a specific plant / business system combination, so they should only be
allowed to display and/or change messages for their combination.
To achieve this, you have to do two things:
1. Specify the fields that are relevant for authorizations as key fields and include them in
a custom single index table.
2. Create a custom authorization object.
The steps required to define key fields are described in the system documentation of the
corresponding Customizing activities. The authorization object needs to fulfill the following
requirements:
It requires a field called ACTVT
The available activities in the ACTVT field must be the same as for the authorization
object /AIF/ERR
It requires one field for each key field that serves as the basis for the authorization
August 2012
45
4.5 Considerations about Data Protection

As a technical framework that allows changing business-critical interface data, the SAP
Application Interface Framework is required to save user-related information that could be
marked as personal, private, or confidential. The access to this information is limited by
authorizations. The following user-related or potentially confidential data is saved and could
be accessed using the SAP Application Interface Framework.
4.5.1 Single or Multi Message Index Table

The single or multi message index tables, which record aggregated information on a perdata-message-level, contain fields for the following:
The user name of the user that processed the message, along with the date and time
of initial message processing
The user name of the user that last changed the message (restarted or cancelled it),
along with the date and time of the action
Data in the single or multi index tables is not visible on any screen within the SAP Application
Interface Framework. It can only be accessed through direct database query or the ABAP
dictionary.
4.5.2 Log of Changes in the Error Handling

Changes to a data messages field values that originated from the Monitoring and Error
Handling transaction are recorded in a log table. The following information is saved:
The name and path of the changed field along with the old and new value
The user name of the user who initiated the change along with the date and time of
the change
The changes log data can be viewed in the Error Handling Changes Log transaction. This
transaction is protected by authorization object S_TCODE. The transaction enables the user
to see a list of changes. Only when the user selects a change log entry and chooses to view
the details, is the user name of the user who made the change displayed.
4.5.3 Information Contained in Interface Data

Depending on your interfaces, message data might contain personal, private, or confidential
information. This information will be accessible by all users who have the authorization to
display or change messages of the interface in the Monitoring and Error Handling transaction.
If you identify such information and do not want the information to be available for error
handling, you can define the corresponding structures as Hide Structures. You can do this in
Customizing for the SAP Application Interface Framework under Namespace-Specific
Features.
46
August 2012
5 References
5 References
List of Documents
The following table lists all documents mentioned in this Master Guide that are relevant to the
SAP Application Interface Framework.
Title
Where to Find
Implementation Guide (IMG) for the

Application Interface Framework 700
In the SAP Application Interface Framework

system(s), execute Transaction /AIF/CUST
Application Help for the SAP

SAP Help Portal at http://help.sap.com/

-> SAP Business Suite -> SAP ERP Add-On ->
List of SAP Notes

The following table lists all SAP Notes mentioned in this Master Guide.
SAP Note Number
Title
Description
1747710
AIF 701: Installation Note

information about installing the main
component of SAP Application
Interface Framework 2.0
1747711
AIFX 701: Installation Note

information about installing the
optional component of SAP
Application Interface Framework 2.0
1530212

Framework FAQ
See this note for frequently asked

questions about the SAP Application
Interface Framework
1241303

In a dynamic document, as it is used

in the Interface Overview transaction
of the SAP Application Interface
Framework, form elements such as
pushbuttons, input fields, selection
lists, and hyperlinks respond several
times to an event.
1684718
WDA: Transaction WDYID Configuration ID is lost
Only needed if you install the optional

component AIFX 701 and use
Monitoring and Error Handling (Web)
from the SAP Easy Access menu.
1241303

In a dynamic document, as it is used

in the Interface Overview transaction
of the SAP Application Interface
Framework, form elements such as
pushbuttons, input fields, selection
lists, and hyperlinks respond several
times to an event.
1726101
Tables with more then five

key elements are not
supported
This note is only needed if you install

the optional component AIFX 701
and use the Service Implementation
Workbench (SIW) template.
August 2012
47
5 References
1705786
SIW: Language conflict with

LOCAL packages

and use the SIW template.
1698269
SIW: Misleading error

message

1718473
SIW: Dump after leaving

ungenerated project

48
August 2012
6 Media List
6 Media List
All deliverables for the SAP Application Interface Framework 700 are shipped electronically
and no shipment is made via DVDs (or similar kind of data carrier media).
August 2012
49
7 Release Availability Information
7 Release Availability Information

For more information about currently available releases for the SAP Application Interface
Framework, and for each release, the SAP standard software required to install and use the
solution, see http://www.service.sap.com/fbs/availability.
50
August 2012
SAP AG
Dietmar-Hopp-Allee 16
69190 Walldorf
Germany
T +49/18 05/34 34 24
F +49/18 05/34 34 20
www.sap.com
Copyright 2012 SAP AG. All rights reserved
trademark of Bluetooth SIG Inc. Motorola is a registered trademark of
SAP Library document classification: PUBLIC
Motorola Trademark Holdings LLC. Computop is a registered
No part of this publication may be reproduced or transmitted in any
trademark of Computop Wirtschaftsinformatik GmbH. SAP, R/3, SAP
form or for any purpose without the express permission of SAP AG.
NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects
The information contained herein may be changed without prior
Explorer, StreamWork, SAP HANA, and other SAP products and
notice. Some software products marketed by SAP AG and its
services mentioned herein as well as their respective logos are
distributors contain proprietary software components of other software
trademarks or registered trademarks of SAP AG in Germany and other
vendors. Microsoft, Windows, Excel, Outlook, PowerPoint,
countries. Business Objects and the Business Objects logo,
Silverlight, and Visual Studio are registered trademarks of Microsoft
BusinessObjects, Crystal Reports, Crystal Decisions, Web
Corporation. IBM, DB2, DB2 Universal Database, System i, System
Intelligence, Xcelsius, and other Business Objects products and
i5, System p, System p5, System x, System z, System z10, z10, z/VM,
services mentioned herein as well as their respective logos are
z/OS, OS/390, zEnterprise, PowerVM, Power Architecture, Power
trademarks or registered trademarks of Business Objects Software Ltd.
Systems, POWER7, POWER6+, POWER6, POWER, PowerHA,
Business Objects is an SAP company. Sybase and Adaptive Server,
pureScale, PowerPC, BladeCenter, System Storage, Storwize, XIV,
iAnywhere, Sybase 365, SQL Anywhere, and other Sybase products
GPFS, HACMP, RETAIN, DB2 Connect, RACF, Redbooks, OS/2,
and services mentioned herein as well as their respective logos are
AIX, Intelligent Miner, WebSphere, Tivoli, Informix, and Smarter
trademarks or registered trademarks of Sybase Inc. Sybase is an SAP
Planet are trademarks or registered trademarks of IBM Corporation.
company. Crossgate, m@gic EDDY, B2B 360, and B2B 360
Linux is the registered trademark of Linus Torvalds in the United
Services are registered trademarks of Crossgate AG in Germany and
States and other countries. Adobe, the Adobe logo, Acrobat,
other countries. Crossgate is an SAP company. All other product and
PostScript, and Reader are trademarks or registered trademarks of
service names mentioned are the trademarks of their respective
Adobe Systems Incorporated in the United States and other countries.
companies. Data contained in this document serves informational
Oracle and Java are registered trademarks of Oracle and its affiliates.
purposes only. National product specifications may vary. These
UNIX, X/Open, OSF/1, and Motif are registered trademarks of the
materials are subject to change without notice. These materials are
Open Group. Citrix, ICA, Program Neighborhood, MetaFrame,
provided by SAP AG and its affiliated companies ("SAP Group") for
WinFrame, VideoFrame, and MultiWin are trademarks or registered
informational purposes only, without representation or warranty of any
trademarks of Citrix Systems Inc. HTML, XML, XHTML, and W3C
kind, and SAP Group shall not be liable for errors or omissions with
are trademarks or registered trademarks of W3C, World Wide Web
respect to the materials. The only warranties for SAP Group products
Consortium, Massachusetts Institute of Technology. Apple, App Store,
and services are those that are set forth in the express warranty
iBooks, iPad, iPhone, iPhoto, iPod, iTunes, Multi-Touch, Objective-C,
statements accompanying such products and services, if any. Nothing
Retina, Safari, Siri, and Xcode are trademarks or registered trademarks
herein should be construed as constituting an additional warranty.
of Apple Inc. IOS is a registered trademark of Cisco Systems Inc.
Disclaimer
RIM, BlackBerry, BBM, BlackBerry Curve, BlackBerry Bold,
Some components of this product are based on Java. Any code
BlackBerry Pearl, BlackBerry Torch, BlackBerry Storm, BlackBerry
change in these components may cause unpredictable and severe
Storm2, BlackBerry PlayBook, and BlackBerry App World are
malfunctions and is therefore expressively prohibited, as is any
trademarks or registered trademarks of Research in Motion Limited.
decompilation of these components.
Google App Engine, Google Apps, Google Checkout, Google Data
Any Java Source Code delivered with this product is only to be used
API, Google Maps, Google Mobile Ads, Google Mobile Updater,
by SAPs Support Services and may not be modified or altered in any
Google Mobile, Google Store, Google Sync, Google Updater, Google
way.
Voice, Google Mail, Gmail, YouTube, Dalvik and Android are
Documentation in the SAP Service Marketplace
trademarks or registered trademarks of Google Inc. INTERMEC is a
You can find this documentation at the following Internet address:
registered trademark of Intermec Technologies Corporation. Wi-Fi is a

registered trademark of Wi-Fi Alliance. Bluetooth is a registered
service.sap.com/instguides
Typographic
Conventions
Type Style
Example Text
Icons
Icon
Meaning
Represents
Caution
Words or characters that

appear on the screen. These
include field names, screen
titles, pushbuttons as well as
menu names, paths and
options.
Cross-references to other
documentation
Example
Example text
Emphasized words or phrases

in body text, titles of graphics
and tables
EXAMPLE TEXT
Names of elements in the

system. These include report
names, program names,
transaction codes, table
names, and individual key
words of a programming
language, when surrounded by
body text, for example,
SELECT and INCLUDE.
Example text
Screen output. This includes

file and directory names and
their paths, messages, names
of variables and parameters,
source code as well as names
of installation, upgrade and
database tools.
Example text
Exact user entry. These are

words or characters that you
enter in the system exactly as
they appear in the
documentation.
<Example text>
Variable user entry. Pointed

brackets indicate that you
replace these words and
characters with appropriate
entries.
EXAMPLE TEXT
Keys on the keyboard, for

example, function keys (such
as F2) or the ENTER key.
Note
Recommendation
Syntax

AIF20 Master Guide

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

AIF20 Master Guide

Uploaded by

Copyright:

Available Formats

Master Guide

SAP Application Interface Framework 2.0

Master Guide SAP Application Interface Framework 2.0

1.00 (August 29, 2012)

First release of this Master Guide

Master Guide SAP Application Interface Framework 2.0

1.3 Important SAP Notes ..................................................................... 10

2 SAP Application Interface Framework Overview .......................12

3 Business Scenarios of the SAP Application Interface

4.3 Template Roles ............................................................................... 29

4.4 Interface- and Key-Field-Specific Authorizations ....................... 45

Master Guide SAP Application Interface Framework 2.0

7 Release Availability Information ..................................................50

1.2 Related Information

Location on SAP Service Marketplace

Latest versions of installation and upgrade

*In this Master Guide, see the SAP Notes listed

Overview application information as well as

*Application Help for SAP Application Interface

SAP Business Maps - information about

Sizing, calculation of hardware requirements

Released platforms and technology-related

Information about Support Package Stacks,

Information about Unicode technology

To access the Platform Availability Matrix directly,

1.2.2 Further Useful Links

Location on SAP Service Marketplace

Information about creating error messages

SAP Notes search

SAP Software Distribution Center (software

SAP Online Knowledge Products (OKPs)

1.2.3 Related Master Guides

-> Installation -> Master Guide

1.2.4 Related Operations Information

SAP NetWeaver Administrators Guide

SAP Help Portal at

1.3 Important SAP Notes

AIF 701: Installation Note

See this note for the detailed

AIFX 701: Installation Note

See this note for the detailed

SAP Application Interface

See this note for frequently

Relevant Notes of SAP NetWeaver

WDA: Transaction WDYID Configuration ID is lost

Only needed if you install the

Dynamic documents: Multiple

Tables with more then five

This note is only needed if

SIW: Language conflict with

This note is only needed if

SIW: Misleading error

This note is only needed if

SIW: Dump after leaving

This note is only needed if

2 SAP Application Interface Framework Overview

2 SAP Application Interface Framework

2 SAP Application Interface Framework Overview

2.1 Software Units of the SAP Application

SAP Application Interface Framework 2.0 (component AIF)

700, SP17 or above

SAP Application Interface Framework (component AIF)

SAP Application Interface Framework Extension (component AIFX)

731, SP01 or above