Reference links
A reference authorization link (or, shorter: reference link) is used to link two business objects thereby allowing the user to only view those records of the business object for which the reference link was created.
When a user creates a reference link on a business object, the authorization filter of the linked business object (the latter business object in the link) affects the record set of the business object on which the reference link is created.
An authorization filter determines whether a user should be able to see, modify and execute actions for a certain business object, based on its properties. A reference link however, is always created on the Read action of the business object.
 | For more information on creating authorization filters, see Creating authorization filters. |
When two business objects are linked, the second business object appears as a reference field on the first. For example, by using reference links, the user can see persons linked to only those properties/building which the user is authorized to see:
You can create reference links only for configurable base business objects. In addition, reference links can also be used for free integer reference fields, but not for free string fields.
 | Reference links can be defined only for base business objects on which the authorization filter is set on the Read action. |
| | • A reference link created on the base business object also gets implicitly applied to its subs. • Adding, deleting, updating authorization links is subject to security logging. For more information about this topic,see Security logging. • When you combine a reference link and an authorization filter, your result set may include records for which the value your are filtering on is empty. This is intentionally done to show records that would otherwise never be shown (so you can correct it). |