Xiting Central Workflows: New Functions with Service Pack 5
As the saying goes, “Good things come to those who wait”. This also applies to the new release of Service Pack 5 (SP5) of our product Xiting Central Workflows (XCW). After more than a year of defining requirements, development and testing, we are not only presenting brand new functions, but also completely rethought use cases (XCW and SAP Cloud). But let’s go back to the beginning: with XCW, we offer you standardized workflows according to SAP best practice for the most important application scenarios in user administration of primarily SAP systems in our experience. In SP5, you can also use the tried-and-tested workflows for creating/changing users, assigning and revoking authorizations and the combination as usual – only even better and easier. The Fiori interfaces and password self-service are also still available and include some much-awaited features.
We present some of the new functions and use cases of the new release below.
Table of Contents
Business Roles
We want to improve the user experience and simplify the application for authorizations by using business roles. These are containers with cross-system authorizations that are maintained in XCW customizing. In future, the end user will only apply for business roles that can be found using simple search options. This significantly reduces the number of selection options.
The application process remains unchanged. The business roles can be searched for and requested either in the user creation request or in the role request. The business role owner must then approve the assignment and, if a risk is identified by XAMS CRAF, it must be released or mitigated by the risk owner.
Figure 1 shows the business role wizard:
Figure 2 shows the view of the requested business role:
Extension of the LDAP integration
The previous LDAP integration included an LDAP search that transferred information from identities from sources such as the Active Directory to user applications in the XCW and matched them accordingly. These applications could be processed and submitted manually.
With SP5, it is possible to set up jobs that regularly read in data via LDAP and determine whether new identities have been created or existing identities have been changed. This generates automatic user requests that must be approved by the user managers in the XCW.
In addition, the popular LDAP search is now also available in the user creation and role assignment requests (business roles and PFCG roles):
Dynamic Risk Managers
With SP5, it is possible to store the risk owners for each risk individually in XAMS CRAF. As soon as a risk is created by an assignment, XCW receives the corresponding risk owner from CRAF and this person takes over the approval step in XCW. The central maintenance of a group of risk owners is still available. A customizing switch can also be activated, making it possible to enter the risk owner individually when submitting the application.
Find out more about XAMS CRAF in this new webinar:
In addition, the approval of risk owners in Fiori has been optimized and mitigation is now also possible:
Manager Approval
Previously, there was the approval step of the role owner and occasionally the risk owner. SP5 introduces an additional approval step – that of the manager. This has been repeatedly requested by our customers in the past and now we can meet this requirement. In the first version, a simple mapping table will be implemented in which users must be assigned to their managers. If XAMS CRAF is used, the approver can also see whether there are any conflicts.
Figure 5 shows the manager approval in the SAP GUI interface and Figure 6 in the Fiori interface.
Further Optimizations
Many other optimizations have been successfully implemented, particularly as a result of feedback from our customers who are already using XCW:
- Download/upload Options Extended in Customizing
- Specify approval-free roles using wildcards
- Extension of the check interval when sending the application
- Customizable display of the dashboards with regard to the days displayed
- Optimization of texts
Extended Use Case: XCW Goes SAP Cloud
With Service Pack 5, XCW expands its functionality to include business roles, which serve as containers for technical roles from various ABAP systems. Requests for these roles can be made via the UI5 front end and the SAP GUI and go through an approval process that is checked by the business role owner and, if necessary, the risk manager.
Our approach uses the XCW central system (CDL) or the existing CUA system as a central source system to enable the management and provisioning of user accounts and authorization roles for On-Prem ABAP & S/4HANA.
We are now also applying this principle to integrate SAP cloud systems in combination with SAP Cloud Identity Services. In the SAP on-prem systems, the authorization roles typically include specific access rights for the SAP applications. However, there are also “empty” authorization roles that do not have their own access rights, but merely serve as substitutes for authorization roles in other systems.
These roles are implemented because a direct implementation is not possible due to different authorization concepts in the cloud world. In the XCW central system/ZBV, the ownership of these roles is therefore defined by user accounts, supported by workflows.
Enter a new era of hybrid identity management with us and benefit from centralized, efficient management of your SAP OnPrem and SAP Cloud systems. Figure 7 shows you the target architecture:
Webinar: SAP Solution Day about Xiting Central Workflows
You now have an overview of the most important features and other use cases of Xiting Central Workflows (XCW) SP5. If you would like to experience the new features live, we recommend our free webinar on “User and Role Administration with Xiting Central Workflows”. The next webinar date is part of the webinar series: “SAP Solution Day” and is aimed at all SAP, XAMS and XCW users and interested persons.
If you have any questions or are interested in the topic of workflows and self-services or our Xiting Central Workflows solution, please contact us at [email protected].
- Xiting Central Workflows: New Functions with Service Pack 5 - 30. July 2024
- Xiting Central Workflows: New features with SP4 - 15. March 2023
- Success Story: Uhlmann Pac-Systeme GmbH & Co. KG - 6. October 2022
