The simple way to check sap authorisation and see if you have all the appropriate authorisations for a transaction code, or see which specific authorisations a particular t-code has failed on is to simply execute it. Then use transaction SU53 to see all the failed authorisation checks.
This is also the standard way of requesting a new SAP authorisation by sending the SU53 result to your basis team. See below for full step by step instructions on how to use SU53.
The first thing you need to do is execute the transaction you don’t have authority for or which you want to check.
For this example I am going to use transaction SU01, so just execute SU01 using the command box.
…and then try and create a new user by entering a user name and pressing the create button.
At this point, you may get the not authorised to use this transaction message.
Once you have executed the desired transaction, immediately after it loads or you get the unauthorised message, execute SU53 with either /n or /o to create a new session.
i.e. /oSU53
You will then be presented with the list of failed authority checks or a message saying all checks were successful.
Here is an example with failed authorisation check for transaction SM69