Introduction
In SAP Analytics Cloud (SAC), managing access isn’t just about assigning roles—it’s also about controlling how deeply users can interact with content and data. This is where SAC’s security levels come in.
SAC offers three primary levels of security: Role-level, Folder-level, and Model-level. Each level gives you a different degree of control over what users can see or do in the system.
This knowledge base article walks through each level of security, how permissions work at each layer, and how they combine to protect your organization’s data while enabling collaboration.
Creating New Users in SAC
To give someone access to SAC, you’ll need to create a user profile with the necessary credentials and permissions.
Steps to Create a User:
1
Go to Security > Users from the SAC side navigation.
2
Click Create User.
3
Enter the required details, including:
- Email Address
- Username
4
Assign an initial role to define what the user can access (e.g., Viewer, Content Creator, Admin).
5
Save to finalize the user setup.
💡Tip: Assign roles at the time of creation to prevent users from accessing the system with incomplete permissions.
Managing User Profiles
Over time, users may switch roles, require different access, or leave the organization. Keeping their profiles up to date ensures access stays appropriate and secure.
Update User Details
You can edit a user’s information at any time:
- Update name, email, or username
- Change assigned roles
- Add or remove team memberships
Steps to Deactivate a User:
1
Navigate to Security > Users
2
Select the user
3
Click Deactivate
💡Tip: Review user profiles quarterly to ensure access aligns with current job functions.
Exporting User Lists
Exporting user data can support security reviews, compliance reporting, or internal audits.
Steps to Export a User List
1
Navigate to Security > Users
2
Use the export function (usually found in the toolbar)
3
Choose a format (CSV, Excel, etc.) and save the file
💡Tip: Use exported lists to identify outdated accounts, missing roles, or inactive users.
To give someone access to SAC, you’ll need to create a user profile with the necessary credentials and permissions.
Best Practices
To keep your SAC environment clean, secure, and easy to manage, keep the following in mind:
- Use a naming convention for usernames to make it easier to identify users across systems.
- Avoid assigning Admin roles by default
- Only grant elevated permissions where necessary.
- Leverage teams for easier role management and fewer manual updates.
- Regularly audit user roles and deactivate accounts that are no longer in use.
Summary
Managing users in SAC isn’t just about adding names—it’s about keeping access up to date and data secure. With the right setup and regular reviews, you can maintain a clean, well-managed user base.
Want to dive deeper into how Users, Roles, and Teams work in SAP Analytics Cloud? Explore the full SAP Booster course here.
