The users will need the authorization
S_RFC: RFC_TYPE=FUGR, RFC_NAME=XXXX, ACTVT=16
where XXXX is the function group of the BAPI. In
addition, a particular BAPI can check special user rights. Switch on the
authoization trace in transaction ST01, execute the BAPI and display the list of
authorizations that have been checked in the BAPI.
For documentation see www.synactive.com->Documentation
-> GuiXT -> RFC and the SAP documentation at
https://help.sap.com/saphelp_nw70/helpdata/en/60/305140c770cd01e10000000a155106/frameset.htm