cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Asset Manager Basic authentification

aliaksandrvoranau88_
Explorer

on ‎03-15-2022 7:22 AM

0 Kudos

Dear community,

Have faced with authorization problem especially with aithorization in SAP AM

2022-03-15-10-17-13.jpg

So can we for all user set up Basic authentification to log in application?

Is this sequence correct ?

1-create users in back-end s4

2-login from mobile device via qrcode with login and password from back-end (it's not working unfortunately)

Or do we need principal propagation setting and link users and emails in BTP to use Basic authentification

Thank a lot

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

james_murphy01
Product and Topic Expert
Product and Topic Expert
‎03-15-2022 10:19 AM

Hi Alexander,

If you use Basic Auth, all users on the app will use the Basic Auth Credentials to log onto the Backend system. Therefore all users will get the same data. regardless of their User ID to logon to the App/Mobile services. As a result this is not recommended fro Prod systems. as all users would get the same list of Work orders etc... assigned to the User cred maintained under Basic auth in Mobile services.

For the second step, this will depend on the iDP you have set up with Mobile services.
SAP IDP , then you will need a S-User or SAP ID user email and associated credentials.

Corporate IDP; then you will need your corporate User credentials to logon. ( sometimes same as backend user if the backend is also connected to the IDP)

The PPROP in either case will then pass on down the User name or Email based on SCC config. this is then mapped to the backend user in CERTTULE.

The QR Code for onboarding just points the app to Mobile services and the right app endpoint and IDP Config.
Mobile services hands off tot he IDP for authentication. Then once the user is authenticated the IDP redirects the user back to Mobile services.

Hope this helps clear up the process.

-James.

Show replies
Show replies
aliaksandrvoranau88_
Explorer
‎03-15-2022 2:02 PM
0 Kudos

thanks you very much

fjcvsap
Participant
‎06-25-2022 11:23 AM
0 Kudos

Hi e.janarthanan

For Principal Propagation you say that "No you shouldn't login SAM application with back-end credential." , But is possible? In my case the users does not have s-user and they are not in the Active Directory, they only have a Sap ECC User and we want to login into SAM with their users and password. Actually the CC and backend is setup rule base of Sap User but is not working. How should I configurate the CC and Backend credetials in CertRule.

Thank you very much.

Show replies
Show replies
JanarthananE
Contributor
‎03-15-2022 9:26 AM
0 Kudos

Hello Alex,

Basic Authentication is default authentication to test application end to end and not recommend for end user usage. let me give my best of knowledge answering your questions

Is this sequence correct ?

"1-create users in back-end s4" - yes you can go ahead and create users in s4hana ( Assuming you are using S4/HANA as backend system)

"2-login from mobile device via qrcode with login and password from back-end (it's not working unfortunately)" - No you shouldn't login SAM application with back-end credential. it should be S-user ID or email ID associated with S user.

"Or do we need principal propagation setting and link users and emails in BTP to use Basic authentication" - Yes please config principal propagation and set link to users and emails in BTP to use SAM application sync via QR-Code.

Kindly refer standard SAM application configuration/installation guide.


Best Regards,

Jana

Show replies
Show replies
aliaksandrvoranau88_
Explorer
‎03-15-2022 2:02 PM

thanks you very much

Ask a Question