Skip to Content

Single Sign on between Azure AD and SAP Cloud Platform

Hi All,

I recently configured the SSO between the SAP Cloud Platform and Azure AD.

When i try to access the SAP Cloud Portal, the url is redirected to the AZURE AD authentication and it successfully validates and returns me a valid SAML response with the GivenName/Surname/emailaddress/name. However i am still getting the SAP cloud login authentication dialog box.

what configuration should i do to make sure that my AZURE authentication is used properly and the cloud platform does not popup the user authentication dialog box.

Thanks in Advance

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Nov 28, 2017 at 09:27 AM

    Hi George,

    The following documentation may be of help in configuring Azure:

    Configuring IDP-Initiated SSO with corporate identity providers

    Configure trust with corporate Identity Provider

    If possible, it is also recommended to use the SAML tracer extension for either chrome or firefox in order to see what happens the SAML token throughout the authentication process and to see why you get directed to the login page instead of being signed in.

    Best Regards,

    Brendan

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jun 21, 2017 at 12:25 PM

    Dear George,

    Could you please advise if it is your cockpit that is still pops up the user authentication dialog box or a specific application?

    As authentication to the cockpit is possible with S user only regardless the Trust configuration of your SAP Cloud Platform account.

    Thanks for the information,

    Emoke

    Add comment
    10|10000 characters needed characters exceeded

    • HI Emoke,

      Thank you for the reply, i thought i would never see any reply :-).

      It is the SCP cockpit that pops up the user authentication.

      How do i make sure that SCP uses the authentication token which was sent by Azure and not popup the user authentication dialog box? because if i have to authenticate twice then what is the point of single sign on?

      Thanks,

      George.

  • Jun 18 at 03:03 AM

    Hi George,

    I think this is possible now in SCP using "platform identity provider" & "platform roles".

    Platform identity provider:

    https://help.sap.com/viewer/65de2977205c403bbc107264b8eccf4b/Cloud/en-US/80edbe70b8f3478d8a59c21a91a47aa6.html

    Managing Member Authorizations:

    https://help.sap.com/viewer/65de2977205c403bbc107264b8eccf4b/Cloud/en-US/a1ab5c4cc117455392cd0a512c7f890d.html

    Regards,

    Parthiban

    Add comment
    10|10000 characters needed characters exceeded