M3 contains a general authorization related to program access. Time and Attendance, on the other hand, contains authorization as related to the employees. This means that all users who work with Time and Attendance must be defined in ‘User. Connect Authority’ (CRS545).
In 'Person. Open' (CRS530), each employee is connected to a facility, department, and planning area. All information related to an employee will contain these pieces of information. They are then used as the basis for determining authorization in Time and Attendance.
In ‘User. Connect Authority’ (CRS545), authorization information for each user is created and updated. Each user is connected to a facility, department, and planning area. The order is hierarchic, so that in order to be connected to a department the user must also be connected to a facility. When the user later works with functions in Time and Attendance which contain employee-related information, only the information belonging to the selected areas is displayed.
Each user can be connected to any number of authorization areas. For each such area, it can be specified whether the user is allowed to change information or authorize transactions. If this is not specified, then the user may only view information.