Skip to Content
1

Access BOC from a third party application and maintain users

Mar 07, 2017 at 05:09 AM

147

avatar image
Former Member

Is there a way to access BOC from a third party application?

Scenario: Customer has an application where users are created and maintained.

They would like to provide a link on the application that will bring users to a BOC story

If a user is created they must be added to a role or team that will be used for row level security.

The application is also a hosted app used by multiple customers, no active directory.

BOC would fit the rest of their requirements but SSO from their app is and important one I'm not sure is possible at this stage.

Any ideas appreciated.

Colm.

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

4 Answers

Best Answer
John Leggio
Mar 08, 2017 at 04:35 PM
0

Hi Colm,

We support a custom identity provider (IDP). However, existing SAP BusinessObjects Cloud users must have a corresponding user account in your custom SAML Identify Provider (IdP).

See this link for more details:

https://help.sap.com/http.svc/rc/00f68c2e08b941f081002fd3691d86a7/release/en-US/3651184dad944aa2b361ad029a7a8cae.html?search=IDP

We support default roles allowing a user to request specific roles.

HTH

Show 2 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Thanks John,

How does this work for new users?

Initially there will be no users in BOC, if a new user is created in the Identity provider does it also have to be created in BOC?

Maybe I'm missing something obvious but I can't seem to get an answer to this from the documentation.

Colm.

0

Yes they need to be added to the Identity provider and they need to be added to BOC as well.

0
Tammy Powlas
Mar 07, 2017 at 09:56 AM
0

Colm,

I don't see how this is possible today; perhaps add this as a suggestion to Idea Place at https://ideas.sap.com/boc

Share
10 |10000 characters needed characters left characters exceeded
avatar image
Former Member Mar 08, 2017 at 12:04 AM
0

Thanks Tammy,

I'm thinking now in the lines of HANA, (Client is open to HANA as part of the solution)

Hana user creation and role assignment could be done via code(as far as I understand)

Security could then be managed with Hana views and leveraging row level data access mapping tables.

Then live SAML SSO between BOC and Hana, not sure if that would work or does the user need to be created first in the BOC side?

Import might be possible if we dump a csv file of all new users...Not sure if that will fly with the client.

Manual is just not an option, many many thousands of users.

Other Option is BO enterprise where anything is possible but I believe an SAP sales person has told the client BOC would work....

Share
10 |10000 characters needed characters left characters exceeded
avatar image
Former Member Mar 13, 2017 at 12:08 AM
0

Thanks John,

How does this work for new users?

Initially there will be no users in BOC, if a new user is created in the Identity provider does it also have to be created in BOC?

Maybe I'm missing something obvious but I can't seem to get an answer to this from the documentation.

Colm.

Show 1 Share
10 |10000 characters needed characters left characters exceeded

Yes they need to be added to the Identity provider and they need to be added to BOC as well.

0