on 08-09-2018 7:00 AM
Hello Experts,
Can yM use any other idp tool other than SAP Idp? Our client has already existing SAML2.0 authentication mechanism, Can it be used for authentication ?if Yes, do we have any guidelines? I am using yM cloud.
maik.offerle / anton.peters : I have achieved integrated Cloud application with my C4C test system with On Prem Active Directory. SAP IDP acts as a proxy.
I have written a blog please refer. hope it helps:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey Mayank,
The only way of authentication is SAML 2.0 assertions (SSO), based on SAP Cloud Identity
Thank you.
Best Regards,
Kunal
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Mayank,
yes, that is from my point of view how you can do it. Set up the SAP Cloud IdP just in way to forward the authentication message. Like a proxy...
See the below links for Azure Active Directory:
Best regards
Maik
Hello anton.peters / johannes.hirling ,
I have configured the On Prem Active directory and the IDP as a proxy to authenticate the Users.
So what we is achieved is- A user can login into C4C or marketing application without his id created in IdP. Once the user challenges for the credentials, the user will be created in idP and hence he can login into cloud application such as C4C with the credentials maintained in AD.
My next query - Is there any possibility that if I open the C4C link when I am in VPN network then it should automatically open the C4C screen without asking the password.
The password was already entered when we enter into the network and hence therefore if we click any application which is accepting the AD password shouldn't be asking for password again?
Any thoughts?
thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Mayank,
please find here the explanation how to set up single sign on for azure active directory.
I guess something similar should be possible for onprem.
Best regards
Maik
Hi johannes.hirling ,
if I am not mistaken, you validated using another IDP at one of our EU clients.
Is this correct? If yes, can you please briefly share your findings.
Thanks, Anton
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Mayank,
yes, that is from my point of view how you can do it. Set up the SAP Cloud IdP just in way to forward the authentication message. Like a proxy...
See the below links for Azure Active Directory:
Best regards
Maik
Maik answered this already. In the case of Microsoft Azure IDP, Microsoft Azure AD and be configured to build trust with SAP Cloud Platform Identity Authentication. Microsoft Azure AD is used as the main IdP where SAP Cloud Platform Identity Authentication acts as a proxy IdP.
Hi mitmayank_bluleader ,
if the above helped, please mark the question as answered.
Thanks, Anton
Thanks anton.peters , johannes.hirling , maik.offerle .
I will check with client's current Active Directory and let you know. Hopefully this should resolve our query.
Thanks,
Mayank
User | Count |
---|---|
5 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.