https://www.youtube.com/watch?

v=p5gRNmM4n8Q

https://www.youtube.com/watch?v=b-13iRWUZ9g

Authorizations for the WF-BATCH (system) user.

WF-BATCH or system user is responsible to execute and manage all background jobs in
workflows. This sytem user has been defined in the RFC destination
WORKFLOW_LOCAL_<client>. System user has assigned SAP_ALL authorization.

You can create the RFC destination WORKFLOW_LOCAL_<client> using transaction SWU3
(Automatic Workflow Customizing), activity 'Configure RFC Destination'. If you use the
function 'Perform Automatic Workflow Customizing (F9)' to do this, the system also creates the
user WF-BATCH if it does not yet exist. In this case, the system assigns all of the profiles of the
user who executes transaction SWU3 to this user. The system may assign the profile SAP_ALL
as a result.

The system ensures that the profile SAP_ALL is never assigned to the user WF-BATCH when
you use the function 'Perform Automatic Workflow Customizing (F9)'.

If you want to restrict the authorization of the system user, proceed as follows:

 Set the plan version in the role SAP_BC_BMT_WFM_SERV_USER

The role contains, for example, the authorization object PLOG (personnel planning).
Assign your active plan version to the Plan Version field and generate the authorization
profile.

 Assign the role SAP_BC_BMT_WFM_SERV_USER

Use the user maintenance to remove the assignment for all roles and profiles, and assign
the single role SAP_BC_BMT_WFM_SERV_USER.

 Add the application-specific authorizations

In addition, the system user must be assigned all of the application-specific authorizations
that are required to execute your active workflows.

To do this, proceed as follows:

 Identify the active workflows in your system and the applications these are based on.
Assign the existing roles for this application to the system user. These maybe roles
delivered by SAP, or customer-specific roles.
This should cover most or even all required authorizations.

 Check whether the workflows are executed correctly after assigning these roles.
If this is not the case, check which authorizations are missing. You can use the system
trace (transaction ST01) to determine missing authorizations. Select the trace component
'Authorization check' and use the filter to restrict the trace to the system user.
 The authorization trace displays failed authorization checks. Add these authorizations to
an existing or new role and assign it to the system user.

 Check the execution of the workflows again and repeat the trace process and the role
adjustment if required.

https://www.saptechnicalguru.com/workflow-s4hana/

Activating workflow in S4HANA

This blog will explain how to activate workflow in S4HANA. If you have to activate workflow in classic ECC system use this blog.

Questions that will be answered in this blog are:

 How to activate workflow in S4HANA?

 What do I need to do with the workflow activation in case of an upgrade to S4HANA?
 Where to find more background information on workflow activation in S4HANA?
 Why is WF-BATCH replaced with SAP_WFRT user?

Workflow activation in S4HANA

First make sure you have created system user SAP_WFRT. Start with assigning SAP_ALL to this user. You can replace it with lower
rights after the activation is done properly according to OSS note 1574002 – WF-BATCH and SAP_WFRT Authorizations.

Start transaction SWU3:

 Select the Edit Runtime Environment and press the button Execute Activity. This will activate all the actions below.

After it is done you can press the button Start Verification Workflow to check if the workflow runs properly. After 1 minute (it needs
compilation in the background) start transaction SBWP.

All background information regarding SWU3 can be found in OSS note 2366252 – Transaction SWU3 explained.

Activating workflow after upgrade to S4HANA

After upgrading to S4HANA workflow will not work any more. You first need to create system user SAP_WFRT and redo the SWU3
setup.

Background user SAP_WFRT will replace background user WF-BATCH.

For more background on this replacement see oss note 2568271 – Change of workflow system user and workflow system jobs with
S/4HANA On-Premise 1709 and oss note 2637240 – Error in SWU3 – System user ‘SAP_WFRT’ does not exist.

If you have issues with the workflow batch jobs after the upgrade, please check OSS notes:

 2770337 – SWU3 workflow jobs not scheduled in S/4HANA system

 2833378 – SWU3 workflow jobs not scheduled

After the user and RFC activation you need to schedule the new workflow jobs in SJOBREPO:
Read OSS note 3109917 – How to change the step user of workflow system jobs while keep the other technical jobs in job repository
unchanged for instructions on the job user for workflow.

Workflow and SNC

If you also use SNC, please follow the instructions in OSS note 3137350 – Workflow RFC destination no longer works after SNC
activation carefully.

More workflow

For workflow tips and tricks: read this blog.

Setup of FIORI my workflow inbox: read this blog.

For deletion and archiving of workflow: read this blog.