Hi Naveen,
understand like this - Transaction Codes are nothing but package of Authorization Objects.
user to execute any tcode required all its related authorization objects(as per SU24 setting)
Authorization check will be perform based on multiple parameters like:
1) SU24/SU25 setting
2) AUTHORITY-CHECK in programs
3) SE93 setting
4) profile parameter AUTH/NO_CHECK_IN_SOME_CASES
large number of authorization objects are often checked when transactions are executed, since the transaction calls other work areas in the background. In order for these checks to be executed successfully, the user must have the appropriate authorizations. This results in some users having more authorization than they strictly need. It also leads to an increased maintenance workload. You can therefore deactivate authorization checks of this type in a targeted manner using transaction SU24.
Please check SU24 setting for any any calling Transaction (Ex. CA02) and here you will see it checks M_MATE_STA object which is also part of called Transaction. however M_MATE_STA object will not be included in profile generator (Role) to reduce Maintenance workload.
Regards,
Satyajit