Skip to Content

Multiple ABAP clients using SAML2

Hi Experts,

question for SAML2 authenticaton (SP initiated). Is it required to enable SAML2 for every SAP client in order to use SAML2 authentication, or are there better ways?

I was not able to find information about that use case, but guess this work has to be done. In this case a 3 system landscape has 14 productive SAP clients and thus I need to setup SAML2 for every single client, exchange IDP metadata, install certs etc. Means to have at the end 42 relying party trusts in the IPD and lots of efforts for the configuration, whenever a IDP signature cert is changing or the likes.

Any documentation or best practices about that scenario available?

I know about other ways to authenticate users such as Kerberos, X.509 etc. please dont ask, it has to be SAML in this case ;)



Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Mar 11 at 10:50 AM

    Hi Gregor,

    nope! It's by design. Lots of work. To avoid frequent changes at the customer we worked with self-signed certificates for SP and IDP and long validity periods.

    Cheers Carsten

    Add comment
    10|10000 characters needed characters exceeded