Skip to Content

Acesss Fiori Launchpad through SCP Indentity Authentication

I have now successfully setup SCP Identity authentication.

Could you please explain why I can't access access the following Fiori Launchpad (?

Error message is "Oops Site not found Sorry about this.
Either the site doesn't exist, or you don't have sufficient privileges to access it.
For more information, please
click here"

https://flpnwc-adddcbbb0.dispatcher.hana.ondemand.com/sites/adminspace

While this app (Included in the Launchpad) is fine

https://rsacreatesurvey-adddcbbb0.dispatcher.hana.ondemand.com/index.html

I could access the Launchpad fine before the authentication was setup.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Jan 26 at 12:52 PM

    Well delegating to a custom IAS tenant instead of SAP ID service means of course that different user information is likely conveyed via the SAML assertion to the application.

    In case NameID format is defined in both scenarios configured to email, then there is a chance that the user can also be identified when authenticating with a custom tenant. But it also depends on the 'local' user config on FLP side.

    I recommend to investigate the SAML assertion and escpecially have a look at the NameID information.
    You may do this best with the SAML tracer - a Firefox add-on.

    Add comment
    10|10000 characters needed characters exceeded

  • Jan 26 at 03:07 PM

    I've worked this out now... The SAP identity provider provides a Pnumber for the users... e.g. P000001.

    You simply set this up in the roles for the Service, include SAP Web IDE and Bingo!

    It works fine...

    However, how do we use are existing On-Premise logins. E.g. I have as SAP login of an alpha-numeric string.

    Do we need to use the our own ID provider to do this?

    Add comment
    10|10000 characters needed characters exceeded

  • Feb 01 at 05:49 PM

    Hi,

    Follow the details as below and it will start working :

    1. Create a Group in IDP and assign to the users in it.For ex : PortalAdmin
    2. Create a Group in SCP (Authorization->Trust->Groups) For Ex : PortalAdmin
    3. Do the mapping in Trust settings of SCP .Refer the below SS

    4. Assign the group PortalAdmin to the roles(WEB_CONTENT_EDITOR,TENANT_ADMIN) in Configure portal of Portal Service.Refer the below SS.

    Logout SCP and relogin to the Portal Service it should work. :)

    Add comment
    10|10000 characters needed characters exceeded