Skip to Content

Single Sign on between Azure AD and SAP Cloud Platform

Jun 02, 2017 at 08:33 PM


avatar image

Hi All,

I recently configured the SSO between the SAP Cloud Platform and Azure AD.

When i try to access the SAP Cloud Portal, the url is redirected to the AZURE AD authentication and it successfully validates and returns me a valid SAML response with the GivenName/Surname/emailaddress/name. However i am still getting the SAP cloud login authentication dialog box.

what configuration should i do to make sure that my AZURE authentication is used properly and the cloud platform does not popup the user authentication dialog box.

Thanks in Advance

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Brendan O'Flynn
Nov 28, 2017 at 09:27 AM

Hi George,

The following documentation may be of help in configuring Azure:

Configuring IDP-Initiated SSO with corporate identity providers

Configure trust with corporate Identity Provider

If possible, it is also recommended to use the SAML tracer extension for either chrome or firefox in order to see what happens the SAML token throughout the authentication process and to see why you get directed to the login page instead of being signed in.

Best Regards,


10 |10000 characters needed characters left characters exceeded
Emoke Gabura
Jun 21, 2017 at 12:25 PM

Dear George,

Could you please advise if it is your cockpit that is still pops up the user authentication dialog box or a specific application?

As authentication to the cockpit is possible with S user only regardless the Trust configuration of your SAP Cloud Platform account.

Thanks for the information,


Show 1 Share
10 |10000 characters needed characters left characters exceeded

HI Emoke,

Thank you for the reply, i thought i would never see any reply :-).

It is the SCP cockpit that pops up the user authentication.

How do i make sure that SCP uses the authentication token which was sent by Azure and not popup the user authentication dialog box? because if i have to authenticate twice then what is the point of single sign on?