Below is an excerpt of financial data of two companies in the same line of business;By analyzing the above data, it is obvious that company B has a good ROI (Return on Investment) in fact 4.5 times that of company A and is the best place to invest in.

With this new information, it reveals that company A is performing better than the company B, though the financial figures were misleading. The reason for getting mislead; company B did not follow the standard accounting principles while recognizing the revenue.

now that what i call quite good rar

RAIs (Revenue Accounting Items) can be viewed and processed using RAI Monitor (Transaction FARR_RAI_MON).There are typically 3 stages/status in RAI processing; Raw, Processable and Processed. However, few stages can be skipped with integrated approach.

Adapter Reuse LayerStep 1: Interface ComponentsThis configuration activity provides access to the interface components that can be used when defining revenue accounting item classes.

Indeed it is a great blog on RAR. I have a providers contract and if I want to create a 100000$ as the total contract value and if I want to recognize every year if I want to recognize 10000$ as revenue every year how will I make it happen at the contract level? Do I need to make a configuration change for this integration to happen automatically.

Could you please let me know what going on with RAR in the S4 Hana Cloud? I see cloud version has some of the RAR revenue Recognition set up. However, the process or config is much simple. In Cloud, it is called Revenue recognition configuration. Is it diff thing that RAR , or it is similar(i saw some posting function is the same as rar is trying to do). If there is still RAR in Cloud, anything diff from on premises? Any information or link you could share would be great.

We wanted to request your help. Once RAI has been created for the sales order item, we want to stop user from changing the price in sales order item. Which userexit/BADI can I use? When the user changes the price in sales order for the item that has RAI created, then we wanted the system to check if RAI exists. If yes, then given pop up message to user stating that RAI has been created for this item in RAR and hence no change is possible. Is there userexit/BADI for it where we can add this validation logic?

Your article is very nice and comprehensive. The only thing where I struggle with is at the beginning: I do not get the point why Company B's situation is unfavorable. Could you please explain me what you mean with "Revenue is recognized based on the invoicing though the contract is not fully delivered." The only difference between A and B which I see is that A goes with the delivered POBs whereas B's revenue recognition goes along with the invoicing. This can be advantageous if the customer accepts the invoicing.

Vittorio Bertocci: Buongiorno everybody and welcome. This is Identity Unlocked, and I'm your host, Vittorio Bertocci. Identity Unlocked is the podcast that discusses identity specifications and trends from a developer perspective. Identity Unlocked is powered by Auth0. This season is sponsored by the OpenID Foundation. In this episode, we focus on various three-letter extensions to OAuth, which would fit well in a pirate novel: PAR, RAR and JAR. Our esteemed guest today is Filip Skokan, senior engineer at Auth0 and author of a very popular Open Source identity SDKs, and contributor of course to the IETF and OpenID Foundation. Welcome Filip.

Filip Skokan: Absolutely. It started in 2013 with myself moving to Germany actually. This was for a position in a games publishing company called ProSiebenSat Games. This company was operating a very popular gaming portal called Alaplaya that used to host a number of game titles. These were either in browser or had their own dedicated desktop launchers and even thick game clients. They all shared the login system though. The same account was used to log into the portal, to the shop, to the support center, and of course the game launchers or the game clients. The company was using Central Authentication Service protocol version 2. 0. This is a single sign- on protocol developed on Yale university, I believe somewhere in the early 2000's. It was one of the systems I ended up maintaining for the company. The company was eventually acquired and moved to Berlin, but it was the work done on it's single sign- on, and maybe even partially my engineering skills who knows, that got the group's CTO convinced I could deliver a special project for her. The project was the central single sign-on for the rest of the group's digital business. Important stuff, right?. But it had a caveat, it had to be in place quickly for the next season of a very popular reality TV show, think, Germany's Next Top Model or something like that.

Filip Skokan: Yes, absolutely. So I knew back then already that CAS was out of the question. It wouldn't support the already looming and blooming, exploding mobile application landscape. So this was early 2014, I barely knew what OAuth was, but I remember OpenID connect was fresh out the oven. So I made a POC using in-house built proprietary OpenID Connect interface. It wasn't used in the end, but it was quotes "ready". And as we were going around the demoing the work that we got, we managed to onboard more developers on the project and began making it really production ready because the CTO and the product officers and the group of the product officer, they picked it up and they liked it. So we went along with it. We were forced to make compromises though along the way. So protocol conformance went out the window, but I was so intrigued by what OpenID Connect had to offer that I started work on my own OpenID Connect libraries for NodeJS. One of those being authorization server and the other one being the relying party so that I can test my own server. Cool. As I was developing this, I stumbled upon the connect certification program which is ran by OpenID Foundation. And I immediately wanted my software to conform to it. I wanted that certification badge. I wanted it really, really, really, really bad. And I don't know if it was bugs in my software or the certification suite, but I used to be that proactive in the issue tracker to make it onto the team that managed that certification software. Now, the team composed of big names and established names in the industry, Mike Jones, Roland Hedberg, and Hans Zanbelt. I was contributing feedback automation CI to test the suite. And while I was doing all of that, I was getting pretty firm knowledge of the different specifications that it was dealing with, mainly OpenID Connect core built on top of OAuth2.0 and so on, you know drill. And from there on, it actually gets a bit blurry because it went really fast. I got introduced to Pamela Dingle as the guy who tests the tests and you know how big she is on protocols and standards. So the next thing I remember was giving a talk at Cloud Identity Summit in Chicago. It really went that fast. In there by the way, I recall meeting you for the first time. You surely don't remember.

Filip Skokan: They were really those open source projects I wanted certified and up to date with the latest specifications, the hottest draft that put me on auth0's radar because Ayth0 reached out to me, they said," Hey, you're writing OpenID Connect open source. We do identity as a service. Would you mind coming on board?" So I joined Auth0, moved back home to Czech Republic, and that relationship is still going strong today. While I'm supported by Auth0. I continue to contribute to OpenID Foundation, to the connect and FAPI Working Groups, the certification program, and of course the IETF OAuth working group, in all of those I keep up- to- date on the developments in those groups and feed that knowledge back to Auth0.

Vittorio Bertocci: Very nice. That is a great trajectory. And I like the hands-on component of it. So you have both knowledge of the protocol itself, but you also do things in concrete. So what they like to call a warrior priest, you know both sides of the house. And in fact that's what I'm hoping to learn from you today. And so I wanted to get into the main topic, which is a positioning a bit, the three acronyms that I mentioned as in of this PAR, RAR and JAR, what are those things? What problems do they solve? How they came to be? Imagine I know nothing about them, which is also reasonably accurate and explain to me what they are and why they are.

Filip Skokan: So these three, they all deal with different shortcomings in the core OAuth2.0 specification, they are really the outcome of the, I think over 10 years of OAuth2.0 being in use, the different applications OAuth was applied to over the years called for these extensions. Because when you think about it, when OAuth was conceived, the internet application landscape was rather simple, browsers were far from being secure. TLS, wasn't being adopted as much, cores wasn't the thing at all. And in general, the service providers were handling maybe one to two authentication servers at a time, a few web clients and maybe a single resource server, whereas today the landscape is completely different. So let's start with RAR then, RAR stands for the Rich Authorization Requests. It's a draft specification under the IETF OAuth Working Group. And it brings more expressive power to your authorization requests. The core OAuth2.0 authorization expressiveness is really simple, and it was designed to be simple, but in so it is also limiting, you have your scopes, maybe recently standardized resource indicators to be able to tell which resource server those scopes belong to, but that's it, you can't specify more than those two dimensions and sometimes not even that just scopes and what you're often left with is just those scopes. It's limiting there's no way to express complex authorization needs.

Vittorio Bertocci: And the funny thing is that people also like to misunderstand scopes, let's say that men with their hammer syndrome, given the scopes were the only things available, I think you have seen your portion of it, people are abusing the scopes for expressing all sorts of different concepts, which scopes weren't originally designed to support. 2ff7e9595c