Skip to Content

Using SAP Analytics Cloud as an Identity Provider

Hi,

I've got users that are defined only at the SAP Cloud Analytics system.

Also, I have an application that is running on SAP Cloud Platform. Both part use the same HANA database on the SCP.

And I want them to be able to login with their SAC users to my custom application.

Is it possible to use SAP Analytics Cloud as an Identity Provider for SAP Cloud Platform ?

If not, what are the best practices for managing authorizations and authentications ?

Thanks,

Huseyin.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Best Answer
    Oct 10, 2017 at 11:58 PM

    Hi Huseyin Dereli ,

    SAP Analytics Cloud (SAC) is not an Identity Provider but a service provider. What SAC is using is SAP Cloud Identity as its SAML IdP. When we connect to HANA in SAPCP, we act as a SAML Service Provider, as indicated in my blog (step 2.3): https://blogs.sap.com/2016/11/27/sap-businessobjects-cloud-live-data-connection-to-sap-hcp-with-sso-simple-urls/

    If you were trying to use SAC as your IdP it shouldn't work as we exchanged the metadata XML only in that specific connection.

    If you try to login directly in your application, your users will be redirected to the SAP Cloud Id used by SAC and your application will be rejected as it is not a service provider trusted. You can't exchange XML with it.

    A solution can be using your own SAML IdP in both: HANA and SAC. You can use AD FS, an SAP Cloud Identity tenant, etc.

    Regards,
    Julian

    Add comment
    10|10000 characters needed characters exceeded

  • Oct 08, 2017 at 07:12 PM
    Add comment
    10|10000 characters needed characters exceeded

  • Oct 09, 2017 at 08:56 AM

    Hi Tammy,

    I've read these blogs. Both of them are really helpful but also both of them uses different Identity Providers, not SAP Analytics Cloud itself.

    Thanks for your quick response.

    Add comment
    10|10000 characters needed characters exceeded