Hi experts!we are currently working on integrating a custom schema within Identity Directory Services (IdDS). Specifically, we've developed a custom schema titled "urn:sap:cloud:scim:schemas:extension:custom:2.0:XitingIAM"In our application, we're ob...
This blog explores the latest 2024 updates in SAP's Identity and Access Management (IAM) portfolio derived from various early 2024 SAP events, particularly focusing on SAP Cloud Identity Services (SCI). IAM 101: Identity Lifecycle, Authorization, and...
Hey there, fiends of the well-groomed SSO world!So, here I am, fancying myself quite the expert on the subject, but hey, who says there's no room for a little community chitchat, right? This time it's about SAML and its implications on an SAP system....
Hello Community,
I have a question for SAP Analytics Cloud experts regarding SAC Live Data Tunnel Connections in conjunction with the Cloud Connector (CC) and Principal Propagation (PP) for a S/4HANA on-prem system (Embedded BW). We are currently i...
[Last Update 2024.03.01]Hello fellow SAP security enthusiasts!I wanted to share some exciting news with you. I've been busy creating a couple of LinkedIn blogs that delve into the fascinating world of the SAP Secure Login Service for SAP GUI. As I wa...
Hey JC,nope, for SAP GUI you must use the SAP Secure Login Client with SNC, that is not possible with saml2 authentication, that just works for http-based applications. There is SNC (DIAG/RFC) supporting Kerberos and X.509 certs and HTTP (TLS) suppor...
Hi JC,your aim is to provide your client with a seamless and straightforward SSO/Multi-Factor Authentication scenario. It is about implementing MFA for their SAP S/4HANA system(s), whether it's through Fiori Embedded or in the Gateway (GW) is not cru...
Hi Brian, sounds like you're dealing with SAP GUI shortcuts generated via a portal or something similar. These shortcuts typically achieve SSO with trusted systems. This SSO method was once popular for easy access to SICF services (ABAP Web AS) or la...
Hi, really enjoyed watching this engaging video featuring the three of you. However, I need to point out a concern that requires a bit of digging. Starting around 34:40 in the video, you explained how to create a Conditional Access Policy for the S...
Hi Henk, you are right, certrule is only for ICM-based access (ICF-Services) based on X.509 certs (mTLS). Besides RSUSR300 (SNC1) you may want to use custom ABAPs, own tools/logic, IDM, Xiting XAMS etc. to automate SNC user mapping which is still req...