...
Step 1:
In SCL Menu Function maintenance, select a menu function and in the Visibility rules add {"PrimaryDOAuthorization":"CanCreate"}
or {"PrimaryDOAuthorization":"CanCreate,CanDelete,CanModify"} (based on the needs)
Step 2:
From the designer, Links tab, create a TabelIO link from the Ribbon to Form (the form must be linked to a data source so it gets the security restrictions from the catalog)
Step 3:
In the Smart Security Object Maintenance
Create a new record with the name of the BE (eg: Osiv.Sendung.Sendung.SendungBE) and add the Tokens for the needed actions
...