How to fix SAP error ACMRT_API002?

What causes this issue? Entity &V1& is protected by one or more access control documents. The restrictions resulting from these documents to be applied to the entity selection are too complex for the output structure of this API.System Response The system issues an error message and will not allow you to continue with this transaction until the error is resolved. How to fix this error? The API has been created only for entities that are protected with access control documents that refer to entity fields directly and do not make use of PFCG hierarchy mappings. Access control document syntax using path notations or PFCG hierarchy mappings will result in this error. You can use transaction <DS:TRAN.SACMDCLS>SACMDCLS</> to find all access control documents for the resource.Procedure for System Administrators Error message extract from SAP system. Copyright SAP SE.

How To Fix ACMRT_API002 - Access control documents for entity &1 too complex for this API

Instant Help Get instant SAP help. Start your 7-day free trial now.

SAP Error Message - Details

Message type: E = Error
Message class: ACMRT_API - Messages from ACM Runtime API
Message number: 002
Message text: Access control documents for entity &1 too complex for this API
Show details Hide details
What causes this issue?
Entity &V1& is protected by one or more access control documents. The
restrictions resulting from these documents to be applied to the entity
selection are too complex for the output structure of this API.
System Response
The system issues an error message and will not allow you to continue with this transaction until the error is resolved.
How to fix this error?
The API has been created only for entities that are protected with
access control documents that refer to entity fields directly and do not
make use of PFCG hierarchy mappings.
Access control document syntax using path notations or PFCG hierarchy
mappings will result in this error.
You can use transaction
<DS:TRAN.SACMDCLS>SACMDCLS</> to find all access control documents for
the resource.
Procedure for System Administrators

Error message extract from SAP system. Copyright SAP SE.

Smart SAP Assistant

What is the cause and solution for SAP error message ACMRT_API002 - Access control documents for entity &1 too complex for this API ?

The SAP error message ACMRT_API002 indicates that the access control documents for a specific entity are too complex for the API to process. This typically occurs in the context of SAP Access Control, where the system is trying to evaluate or process access control rules, but the complexity of the rules exceeds the limits of the API being used.

Cause:

Complex Access Control Rules: The access control documents associated with the entity (e.g., roles, authorizations) may have a high number of rules or intricate dependencies that the API cannot handle.
Large Data Volume: If there are a large number of access control documents or if the documents contain extensive data, it can lead to performance issues or exceed the processing capabilities of the API.
Inefficient Design: The design of the access control rules may not be optimized, leading to unnecessary complexity.

Solution:

Simplify Access Control Rules: Review and simplify the access control rules associated with the entity. This may involve consolidating rules, removing unnecessary conditions, or breaking down complex rules into simpler ones.
Limit Data Volume: If possible, reduce the number of access control documents being processed at one time. This can be done by filtering the data or processing it in smaller batches.
Use Alternative APIs: If the current API is not capable of handling the complexity, consider using a different API or method that can accommodate more complex access control scenarios.
Performance Tuning: Analyze the performance of the access control rules and optimize them for better efficiency. This may involve reviewing the underlying data structures or configurations.
Consult SAP Documentation: Check the SAP Help Portal or relevant documentation for any specific guidelines or limitations regarding the API being used.

Related Information:

SAP Notes: Look for SAP Notes related to the ACMRT_API002 error for any patches or updates that may address the issue.
SAP Community: Engage with the SAP Community forums to see if other users have encountered similar issues and what solutions they have found.
Access Control Configuration: Review the configuration settings in SAP Access Control to ensure they are set up correctly and efficiently.
Testing: After making changes, conduct thorough testing to ensure that the access control rules are still functioning as intended and that the error does not recur.

By addressing the complexity of the access control documents and optimizing the rules, you should be able to resolve the ACMRT_API002 error.

Instant Help Get instant SAP help. Start your 7-day free trial now.

Related SAP Error Messages

Click the links below to see the following related messages:

ACMRT_API001 No authorization to read authorization data (S_USER_PRO)
Self-Explanatory Message Since SAP believes that this specific error message is 'self-explanatory,' no more information has been given.The majority of...
ACMDT_OBJSTATUS401 CTE column is representing a path but has no CTE column part
Self-Explanatory Message Since SAP believes that this specific error message is 'self-explanatory,' no more information has been given.The majority of...
ACMRT_API003 &1&2&3&4 (see long text)
What causes this issue? The access control kernel component has raised an exception.System Response The system issues an error message and will not ...
ACMTEST000 &1&2&3&4
Self-Explanatory Message Since SAP believes that this specific error message is 'self-explanatory,' no more information has been given.The majority of...

Click on this link to search all SAP messages.

ERPlingo's SAP support assistant is amazing. Saves me countless hours trying to solve complex SAP issues myself. It's a real game changer!

Thomas Michael
SAP Consultant, Author & Speaker