An essential aspect of controlling processes in SAP Business One is the management of authorisations, which determine the access and editing rights of each user to the various functions and modules of the system.

Managing user permissions is essential for efficient and secure use of the system. However, it can quickly become complex, especially in larger organisations with many users and different roles. This is why it is important to have a good understanding of the possibilities that SAP Business One in the area of user rights.

SAP Business One Authorisation Levels

In SAP Business One, there are three basic authorisation levels: full authorisation, display authorisation and no authorisation. Newly created users have no user rights in all areas by default to ensure the security of the system. User rights can then be set individually for each user, based on the requirements of their role in the company.

SAP Business One User Group

In addition to general permissions, there are also user groups in SAP Business One. These allow permissions to be assigned at a group level, which can make it easier to manage permissions in larger organisations. A user can belong to one or more groups and also have individual user rights. In such cases, the user's 'Effective Authorisation' shows the actual valid authorisation resulting from the individual and group authorisations.

Superuser in SAP Business One

A superuser is generally a user ID that has access to and control over the various functions of the system. This mainly concerns access and rights to the various modules and sub-modules, which can be controlled by authorising and changing settings, etc. In contrast, the simple user is a user who works on a daily basis based on the settings and rights of the superuser.

User-defined permissions

SAP Business One also allows you to assign extended, user-defined permissions. These can be used in particular for Add ons and other extensions to the system can be useful. They allow permissions to be defined at a granular level, for example at the level of individual form fields.

Data ownership

The data ownership concept enables the control of data ownership in SAP Business One. The data ownership function enables the definition of the owner of data and information. Consequently, a company's data and personal information can be secured and protected through predefined permissions. User permissions can be assigned to individual users so that these users have the same permissions throughout the system. However, it is also possible to individualise permissions so that each user has different permissions for individual objects.
It is possible to enable or disable data ownership for the entire system, for individual objects and even for windows and reports. As long as there is a defined relationship with the owner and the user has permission, read-only or full for the data ownership for this relationship, a user can access a Business partner-Access the sales document, opportunity document or outgoing/incoming document.


In summary, user permission management is an essential aspect of system administration in SAP Business One. It enables the access and editing rights of each user in the system to be controlled in a secure and efficient manner. Through the use of user groups and advanced user-defined rights, SAP Business One provides flexible and powerful authorisation management capabilities even in complex organisations and when using system extensions.