cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

FIORI SSO with AD using third party IDP SAML

former_member609297
Member

on ‎04-26-2019 3:16 AM

0 Kudos

Hello Experts,

I have a need to set up Active Directory Authentication for SAP FIORI with third party IDP using SAML2 authentication. It would look something like this -

User logs in to the corporate network and types in the FIORI launchpad url in the browser which directs them to the third party IDP for authentication and lands to the FIORI launchpad home page.

Here our third party IDP is already integrated with AD.

My questions is do we need to integrate our NW GW server as well to the AD or the AD integration of third party IDP is sufficient for this?

Regards,

Sourabh Majumdar

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

gregorw
Active Contributor
‎04-26-2019 6:33 AM

The users in your SAP Gateway / SAP Fiori Frontend Server (FES) must have at least one attribute (Username, Alias or E-Mail) matching with what is maintained in the Active Directory. Such attributes can be provided by the IdP using SAML assertions and then matched to the SU01 user attribute. You only have to get the SAML authentication between the AS ABAP and 3rd Party IdP going.

Show replies
Show replies
former_member105680
Active Participant
‎04-26-2019 3:30 PM
0 Kudos

Hi Sourabh,

See blog below for detailed steps on how to do this:

https://blogs.sap.com/2018/01/26/fiori-launchpadsso-made-easy-by-saml-2.0-with-adfs/

I hope this helps.

Aziz

Show replies
Show replies
Ask a Question