SAP Note 1647157 - How to Set up Access to the SPML Service on AS Java

Component : User Management Engine - Identity Management

Solution : https://service.sap.com/sap/support/notes/1647157 (SAP Service marketplace login required)

Summary :
Due to updates in SAP NetWeaver AS Java's security policies, the administration user created during installation no longer has default SPML (Service Provisioning Markup Language) access for system-to-system communications used in modules like SAP NetWeaver Identity Management and SAP Solution Manager. This change prevents powerful administration users from potentially exploiting SPML services to read or modify user data. To restore access, administrators must create a technical user and assign appropriate SPML roles—either read-only or read/write—ensuring secure data handling protocols are maintained.

Key words :
sap netweaver application server java, sap netweaver identity management, party identity management solutions, spml_read_action read/write access, sap solution manager, powerful end users, select search criteria, change user data, grant spml access, user administration ui

Related Notes :

1652285UME principals not returned in Process Composer Dialogs
1647267Solution Manager adaptation to Java UME security