How to Set up and Analyse STAUTHTRACE
01 July 2026

How to Set up and Analyse STAUTHTRACE

SAP Security & GRC

About

Listen to the SAP Security & GRC podcast โ€“ helping you on your journey to effective access risk management in SAP.

In this episode, Ross Robertson walks through the SAP short-term user authority check trace (STAUTHTRACE) โ€“ a real-time authorisation trace that captures both successful and failed authority checks as users execute transactions, Fiori apps, and RFC calls. Think of it as a far more powerful evolution of the classic SU53 report.

๐Ÿ”‘ Key Takeaways:

What STAUTHTRACE is and how it differs from the classic SU53 report

How to activate the trace system-wide or on a specific application server

Why STAUTHTRACE runs on a rolling memory buffer with minimal system impact โ€“ so you can leave it active long-term

How to filter results by user, date/time, application type, application name, authorisation object, and check result

A live troubleshooting walkthrough: diagnosing a failed SU01 user-change authorisation (S_USER_GRP)

Reading both passed and failed checks โ€“ including table access checks in SE16 (e.g. EKKO) and CDS view entity checks in S/4HANA

Inspecting the user buffer via SU56

๐Ÿ‘ฅ Featuring:

Ross Robertson โ€“ Senior SAP Authorisations Consultant, Soterionย