We have a situation in our project where we have 2 different user IDs for the same user in 2 different systems.
In S/4 HANA, user ID is in the format U123456
In Ariba, user ID is the email address, e.g. firstname.lastname@example.org. This is a mandatory requirement for SSO in Ariba because of how the customer's landscape is set up.
We are trying to configure cross-system risk analysis between these two systems using Identity Access Governance (IAG), but since the user IDs in the two systems is different, IAG will not be identify them as the same user and cross-system analysis will fail.
1. Do we have a feature in IAG which allows mapping of different IDs for the same person under one master user ID, e.g. similar to this feature in GRC-AC?
2. If a feature does not exist, is there any scope of performing customization/development on IAG to switch the ID of a user when the data is transmitted from (a) Ariba to IAG (b) GRC repository to IAG and (c) ABAP system to IAG?
Any help would be appreciated. Thank you!