SAP single sign on options

krishg · ‎06-07-2016

We want to enable single sign on for our ECC systems. Our ECC systems user accounts are different from our windows account. We can maintain the windows account id in the ALIAS field of the user account. We are hoping to leverage this ALIAS field for single sign on.

These are the potential scenarios that needs to be handled.

1) From Cloud solutions to log on to ECC systems

2) External facing portal to ECC systems

3) Log on to ECC via SAP gui.

Do we need SAP single sign on product to make this happen? Or is there tools like OKTA that can provide the same service. We are trying to determine which would be the best option for our use case. Thanks.

donka_dimitrova · ‎06-08-2016

Hello Krish,

You can use SAML technology only for SAP GUI for HTML. If you want to implement SSO for scenarios that include SAP GUI for Windows, you need to have a solution that supports SNC with Kerberos or X.509 Client Certificates. The SAP Single Sign-On product (license required) supports both technologies and also could help you to implement "One login" for your SAP GUI scenarios if the primary authentication service for your company is SAML based.

See the details here:

What Is Secure Login? - SAP Library

Here are the details how to do the user mappings User Mapping - What Is Secure Login? - SAP Library

Regards,

Donka Dimitrova

tim_alsop · ‎06-07-2016

You can use OKTA as an IdP and logon to HTTP enabled applications with SAML 2.0 protocol. This will not help you with SAP GUI though, so I recommend you use an SNC library to authenticate the user against Active Directory (using Kerberos) for SAP GUI logon.

Thanks

Tim

SAP single sign on options

Accepted Solutions (0)

Answers (2)

Answers (2)

Re: Crystal Reports

How can we do error handling in an interface on pu...

Re: Bind App to hdi-container with specific role o...

Re: Filter on multiple criteria

Re: ODATA V4 RAP - How to retrieve messages in res...