It has been a long journey. A highly-requested and long awaited feature has been released on the 25th of July 2022. You can now use your custom SAP Identity Authentication service tenant to log in to your BTP management tools. That includes the BTP cockpit (including Neo), BTP CLI, and the different clients for the Cloud Foundry Environment. In the past that was only possible in feature set A with a rather complicated setup. In feature set B, however, the setup process is as easy as the trust setup for an application identity provider in a subaccount, and you do this centrally for a whole global account. The magic happens behind the scenes. Now all customers on feature set B can manage their BTP accounts in a
fully compliant way, and
integrated into their corporate IAM processes. For instance, think about enforcement of multi-factor authentication, full control over password policies and user lifecycle as well as the usage of technical users for automation.
More information can found in the
release note.
A detailed procedure description on how to use a custom identity provider for the platform users of
SAP BTP is already available on SAP Help Portal:
Establish Trust and Federation of Custom Identity Providers for Platform Users [Feature Set B].