![\"SAP](\"https:\/\/sii.pl\/blog\/wp-content\/uploads\/2025\/07\/image1-1024x406.png\")
SAP Fiori isn’t just a “prettier SAP.” It represents a complete shift in user experience design. Its core idea is to tailor applications to fundamental business roles and everyday tasks<\/strong>. Users see exactly what they need \u2013 no clutter, no unnecessary complexity. The apps are responsive, lightweight, and accessible from desktops, tablets, or phones.<\/p>\n\n\n\n But behind this simplicity lies a complex and powerful system<\/strong> that must be carefully designed, configured, and secured. At the heart of it all are authorizations.<\/p>\n\n\n\n At the core of the Fiori experience is the SAP Fiori Launchpad<\/strong> \u2013 a central entry point where users log in to access their assigned applications. The tiles visible on the Launchpad home screen are not random; they result from deliberate configuration involving catalogs, pages, spaces, and roles.<\/p>\n\n\n\n Depending on the application type, SAP Fiori can run modern SAPUI5-based apps and classic legacy transactions (SAP GUI or Web Dynpro) rendered in HTML and styled to fit the Fiori look & feel.<\/p>\n\n\n\n Fiori applications are typically divided into three main categories:<\/p>\n\n\n\n These rely on OData services to communicate between the front-end UI and the backend system.<\/p>\n\n\n\n SAP Fiori introduces a precise authorization model based on catalogs, spaces, pages, and roles. One key difference from classic SAP is that tile visibility in the Launchpad is itself authorization-controlled. If a user isn’t assigned the right catalog or space, they won’t see the application, even if they have backend access.<\/p>\n\n\n\n From a technical standpoint, authorization is split into two main layers: the Front-End Server (FES)<\/strong> and the Back-End Server (BES)<\/strong>.<\/p>\n\n\n\n The FES manages UI-level access, controlling what the user sees, as well as the start authorizations for OData services. It’s where we assign catalogs, spaces, and pages that define the structure of the user’s Launchpad.<\/p>\n\n\n\n The BES controls access to the actual business data, which is where the application logic executes. Therefore, users must also have appropriate roles in the backend; otherwise, the app may open but show no data or throw an authorization error.<\/p>\n\n\n\n In embedded scenarios (FES and BES in one system), a single PFCG role is sufficient. You need roles on both sides in hub deployments (FES and BES are separate). While the hub setup is more complex, it offers flexibility and enhanced security, especially for centralized Launchpad scenarios across multiple backend systems.<\/p>\n\n\n\n Whether planning access, building roles, or analyzing business needs, the SAP Fiori Apps Reference Library<\/strong> is your go-to resource. It’s SAP’s official online catalog of all available Fiori applications.<\/p>\n\n\n\n Here, you’ll find detailed technical information:<\/p>\n\n\n\n The library lets you filter apps by module, role, technology, or system version. It even includes a “Get Recommendations” tool that can suggest which apps to implement in your organization based on real usage data (e.g., collected via ST03).<\/p>\n\n\n\n You can explore it freely online at: https:\/\/www.sap.com\/fiori-apps-library<\/a>. A valid S-user is needed for advanced features like recommendations.<\/p>\n\n\n\n This tool is invaluable \u2013 not just for technical consultants, but also for UX designers and business process owners.<\/p>\n\n\n\n The process of granting access to Fiori apps starts with catalogs<\/strong>, which contain apps and their target mappings (launch information). These are then grouped into pages<\/strong>, and pages into spaces<\/strong>, which are assigned to users via roles.<\/p>\n\n\n\n This layered structure allows for tailored user experiences \u2013 for example, a finance manager might see a different Launchpad layout than a warehouse supervisor. <\/p>\n\n\n\n SAP also provides intuitive tools for managing this structure, such as the Manage Launchpad Spaces<\/em> and Manage Launchpad Pages<\/em> apps. You can also assign spaces and pages directly within the PFCG transaction.<\/p>\n\n\n\n Many organizations still rely on classic technologies like SAP GUI for HTML or Web Dynpro ABAP. Thanks to the Belize theme and integration into the Launchpad, these apps can look and behave like native Fiori apps. But they require special handling.<\/p>\n\n\n\n They must be included in Fiori catalogs and embedded in pages and spaces to be visible. Backend authorizations (e.g., SU24) must also be in place, just like for standard transactions.<\/p>\n\n\n\n As systems evolve and new app versions are released, administrators face the challenge of keeping Launchpad content current. The Launchpad Content Manager<\/strong> (transaction \/UI2\/FLPCM_CUST<\/strong>) helps by providing visibility into catalog consistency, tile errors, missing mappings, and deprecated content.<\/p>\n\n\n\n This tool is especially useful after system upgrades. It identifies obsolete or deprecated apps, finds their successors, and updates catalogs and roles accordingly. It’s your central dashboard for content governance in the Launchpad.<\/p>\n\n\n\n SAP Fiori is more than just a modern interface \u2013 it’s a UX platform that transforms users’ interactions with SAP. However, a well-structured authorization model is essential for it to work efficiently and securely. This model is built around catalogs, roles, OData services, and business roles.<\/p>\n\n\n\n Though the initial setup of SAP Fiori can seem complex, it ultimately provides a powerful and flexible way to deliver personalized, role-based access to the right applications, all within a unified, secure, and intuitive environment.<\/p>\n\n\n\n If you’re working on an SAP S\/4HANA implementation or improving an existing system, it’s worth investing time in understanding how SAP Fiori authorization works. It’s not just about access \u2013 it’s about delivering real business value through a great user experience.<\/p>\n\n\nHow does SAP Fiori work under the hood?<\/strong><\/strong><\/h2>\n\n\n\n
\n
Authorizations \u2013 who sees what and why?<\/strong><\/strong><\/h2>\n\n\n\n
![\"SAP](\"https:\/\/sii.pl\/blog\/wp-content\/uploads\/2025\/07\/image2-1024x473.png\")
![\"SAP](\"https:\/\/sii.pl\/blog\/wp-content\/uploads\/2025\/07\/image3-1024x545.png\")
![\"SAP](\"https:\/\/sii.pl\/blog\/wp-content\/uploads\/2025\/07\/image4-1024x492.png\")
Where to start? SAP Fiori Apps Reference Library<\/strong><\/strong><\/h2>\n\n\n\n
\n
![\"SAP](\"https:\/\/sii.pl\/blog\/wp-content\/uploads\/2025\/07\/image5-1024x494.png\")
Catalogs, pages, spaces \u2013 building the Launchpad experience<\/strong><\/h2>\n\n\n\n
![\"SAP](\"https:\/\/sii.pl\/blog\/wp-content\/uploads\/2025\/07\/image6-1024x512.png\")
![\"SAP](\"https:\/\/sii.pl\/blog\/wp-content\/uploads\/2025\/07\/image7-1024x536.png\")
What about legacy applications?<\/strong><\/strong><\/h2>\n\n\n\n
Maintenance and diagnostics \u2013 enter Launchpad Content Manager<\/strong><\/strong><\/h2>\n\n\n\n
![\"SAP](\"https:\/\/sii.pl\/blog\/wp-content\/uploads\/2025\/07\/image8-1024x450.png\")
![\"job](\"https:\/\/sii.pl\/blog\/wp-content\/uploads\/2025\/07\/praca-EN-k.jpg\")
<\/a><\/figure>\n\n\n\nSummary<\/strong><\/strong><\/h2>\n\n\n\n