You must specify EXECUTE FUNCTION to grant that privilege on functions or function mappings in a database, except for constraint functions.
The EXECUTE FUNCTION privilege does not need to be granted on constraint functions to users that need to query tables that are protected by row-level security.
Example: Granting the EXECUTE FUNCTION Privilege
This example of the GRANT statement grants the EXECUTE privilege on all functions in SYSLIB:
GRANT EXECUTE FUNCTION ON SYSLIB TO user_xyz;
You need only specify EXECUTE to grant the EXECUTE FUNCTION privilege on an individual UDF. For example, the following GRANT statement grants the EXECUTE privilege only on the function with the specific function name sales to user_xyz:
GRANT EXECUTE ON SPECIFIC FUNCTION SYSLIB.sales TO user_xyz;
Example: Granting the EXECUTE FUNCTION Privilege for a Function Mapping
The specified function mapping must exist before you can grant the EXECUTE FUNCTION privilege. This statement grants the EXECUTE FUNCTION privilege on the Interpolator function mapping in the appl_view_db database to user1.
GRANT EXECUTE FUNCTION ON appl_view_db.Interpolator TO user1;
Example: EXECUTE FUNCTION and Authorization Objects
In one particular case, granting EXECUTE FUNCTION is not sufficient to actually use the function. For example, the script table operator is enabled if a user has the EXECUTE FUNCTION granted to it but it needs an Authorization object bound to it in order to execute the scripts.
For example:
GRANT EXECUTE FUNCTION ON TD_SYSFNLIB.SCRIPT TO user_name;
GRANT EXECUTE ON authorization_name TO user_name;
GRANT EXECUTE FUNCTION ON TD_SYSFNLIB.SCRIPT TO role_name;
GRANT EXECUTE ON authorization_name TO role_name;
SYSUIF.DEFAULT_AUTH is provided as an authorization object target for the EXECUTE privilege.