Skip to Content
Former Member
Jan 27, 2017 at 03:11 PM

Fiori SSO with SAML2 with Touch ID support for Authentication

1664 Views Last edit Aug 30, 2017 at 06:41 PM 5 rev


We recently implemented standard Fiori Apps with SSO with MS ADFS ( 3.0 ) using SAML2 which works seamlessly. We are on SQL DB with NW 7.4 This is how they use it using their SAP FIORI Client

1. Users login to FIORI Client, set up the launchpad URL , set their passcode and enable their Touch ID( On iOS devices) .

2. Once they login they see a ADFS landing page where they enter their AD credentials and they are authenticated right through to the Fiori Launchpad .

Now if they either chose to logoff from the Fiori launchpad or close the app ( upswipe the app) the session is killed and they need to relogin at the ADFS screen.

In this case since they want to relogin just using their touch ID instead of having to revalidate again at the ADFS screen just like the behaviour of any typical banking apps supporting touch ID.

I know this is the standard behaviour and the standard SAP FIORI client is not robust enough to handle the biometrics i would like to know how can we achieve this requirement. As i know we need to build a custom client to achieve this but it would be great if someone can give me a complete flow of how this can be achieved.

Any suggestions or comments are highly appreciated.