Thank you Sarbjeet and Raquel for the ideas, but these did not solve the problem.
Are we doing something wrong with authorizations? If we copy the SAP provided business roles, and assign to our users, does that not mean that we will see all applications as part of SAP provided catalog?
If we delete these apps from the SAP provided catalogs, they should disappear from the launch pad, correct?
I feel like we are missing something from an auth. perspective. How would you approach the requirement to only show 2 apps to the user?
Best,
Brian