S-user Lifetime

SAP assigns an expiry date to all S-users. The S-user Lifetime process helps protect your sensitive company information and ensures compliance to the pertinent data protection regulations that may apply to you (e.g. GDPR). You can find the S-user lifetime expiration date in your User Profile. Administrators will find more in-depth information relevant to the user account management activities in the User Management Application.

S-user Lifetime Process

Phase 1 - Active

  • With S-user lifetime, all S-user IDs have an "expiry date." A default validity period of 24 months is assigned to all new users.
  • Administrators have the ability to amend the expiration date as needed.
  • A valid e-mail address is mandatory for all S-user IDs.

Phase 2 - Expiring

  • The expiring phase is 90 days.
  • All administrators will be notified as soon as the S-user enters the expiring phase. There is no impact to the S-user at the time of these notifications.
  • S-users will be notified via e-mail three times at 30 days, 14 days, and 2 days before their S-user ID expires.
  • Administrators may choose to extend the S-user lifetime of each user, allow them to expire or they may delete any S-user IDs at any time. Note: There is also a mass update available.
  • At any time, S-users may request an extension of their ID's expiry date via a self-service. Note: S-users will be informed about any changes to their expiration dates.
  • S-users will still be able to authenticate into SAP platforms and systems up until they reach the expired phase.

Phase 3 - Expired

  • For 90 days after the expiry date passes, the S-user ID will be disabled (please note that the S-user ID will not be deleted yet).
  • The S-user will be unable to authenticate into SAP platforms and systems.
  • S-users will receive a confirmation notification for their expired S-user.
  • Administrators can see expired S-users in the User Management Application.
  • Administrators can reactivate the S-user ID up until the S-user ID is deleted.

Phase 4 - Deleted

  • 90 days after the S-user ID has expired, it will be deleted.
  • Administrators can view deleted S-user IDs for 12 months; however, the S-user ID will be unable to be reactivated. 
  • If the deleted S-user requires access to SAP systems again, the administrator will have to create a new S-user ID for that individual (the deleted S-user ID will no longer exist). 
  • Please note: SAP cannot bring this S-user ID back.
  • The deleted S-user's history will also be deleted from the SAP systems permanently.

Frequently Asked Questions