This blog post will explain how you can leverage the Identity Provisioning Service (IPS) to mostly automate the life cycle of an S-User Member in the SAP Cloud Platform Neo Environment.
Motivation
You may ask: Why should provision S-Users to my SCP i...
Hi Kurt,i would recommend to use only one source system and then have a condition on the user provisioning part in the target transformation.In my projects i am typically doing it like this:{ "user": { "condition": "$.groups[?(@.value IN [%...
Hi Max,
I am not sure if I understand your scenario correctly, but the problem lies in the generation of the SAML token inside the APIM. This forces you to have the required key material to sign the SAML token inside the service, being the "universa...
Hi Max,
although I agree with your statement that it is expensive performance wise, from a security and risk perspective APIM and Cloud Connector are two very different systems with a completely different purpose.
Cloud Connector (as well as an IDP...
Thanks Bryan,
Sept one is a bit complicated to document, as it would be different per Identity Management product that you would use. In general you could use the SCIM connector from IPS to connect generic systems as long as they do speak the SCIM p...
mdischer The S/4HANA onPrem connector takes care of the Business Users of the System. If you would like to create SU01 Users with PFCG roles, you need to use the ABAP connector. With this method it would be possible to assign PFCG roles from LDAP Gr...