Skip to Content

Group assertion attribute mapping for ADFS for SAP Cloud Platform trust settings

Hi

Currently configuring SAP Cloud Platform Trust settings (for a sub-account) but cannot get the group assertion attributes to come through automatically. I can see the AD groups come through in the SAML trace however the correct security role is not being assigned. Additionally, when we configure additional group settings in ADFS I get the following error which basically stops access to all services in the sub-account which is really annoying.

HTTP Status 500 - An internal application error occurred. Request: 793462237

I successfully login with my AD credentials but after that when re-directing to the service (e.g. Portal Service) it comes up with the above message.

There are a large amount of groups coming through from AD but cannot seem to authenticate properly.

Any help in mapping the assertion attributes and the group mapping would be appreciated. I've carried out this config many times with SCI and other iDP's but not with ADFS so need a little help!

Thanks & Kind Regards

Phil Cooley

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Feb 26 at 11:47 AM

    Hi Phil,

    I have found the below link that describes how to configure the user attributes.

    https://help.sap.com/viewer/6d6d63354d1242d185ab4830fc04feb1/Cloud/en-US/d361407d36c5443298a909acbbd96ec4.html?q=assertion%20attribute

    I hope this solves the issue you are having,

    Best regards,

    Gerald Fletcher

    Add comment
    10|10000 characters needed characters exceeded