cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

GRC integration with non-SAP systems and identity access management tools

former_member614968
Discoverer

on ‎2019 Jun 12 1:12 PM

4,436

We are in need of integrating one SAP GRC system with non-SAP systems.

The scenario would be:

-IAM (identity governance system) integrated with GRC (non-SAP IAM)

-Non-SAP systems connected to IAM and GRC The IAM system would be use for user provisioning and access management so in this scenario we would like to know how this could be integrated with GRC

1) Is it feasible to integrate non-SAP systems with GRC?

2) Do you have any documentation on GRC integration with non-SA P systems?

3) For which operations would it be feasible to integrate GRC with non-SAP systems: provisioning, access risk analysis, access request, etc?

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
former_member614968
Discoverer
‎2019 Jun 13 12:01 PM
0 Kudos

Thank you very much Madhu.

So currently there is no need to integrate with partners like Greenlight or any other vendors?

Kind regards.

teodoro_d_araysa
Explorer
‎2024 Jul 29 4:48 PM
0 Kudos
S0016728155

Accepted Solutions (0)

Answers (3)

Answers (3)

former_member614968
Discoverer
‎2019 Jun 13 12:02 PM
0 Kudos

Thank you Ramesh.

Note 2654856 refers to SAP Cloud only. Is it not possible to plug-in non-ABAP systems in GRC 12.0 if you do not have this?

Kind regards.

Show replies
Show replies
former_member612251
Participant
‎2019 Nov 14 10:00 AM
0 Kudos

Reading the following links in that note, it specifies that you can integrate into non ABAP systems using IAG. SuccessFactors is listed in the integrated scenarios with IAG but my understanding is that GRC12.0 comes with the provisioning framework for SF as standard? Does anyone have any confirmed documentation on this?

madhusap
Active Contributor
‎2019 Jun 12 3:35 PM
0 Kudos

Hello,

I have worked on SAP GRC integration with a bespoke systems and Non-SAP systems in one of my past projects and currently working on one project as well. Like everyone initially I also did my research on the Greenlight connectors, AVM solution and various other options. However, SAP has already provided the required framework which can be used for integrating with Non-SAP systems.

I strongly recommend making use of the existing framework but your target system authorizations should be designed like SAP authorizations at least at transaction level or you need to do some normalization activity to match your target system authorizations to GRC sync tables.

For example: Class: CL_GRAC_AD_ACCESS_MGMT_RFC (Contains all User related Create, Change, Lock, Unlock, Assign methods for user maintenance in RFC systems) Similarly class CL_GRAC_AD_ACCESS_MGMT_WS contain interfaces related to Create, Change, Lock, Unlock, Assign methods for user maintenance in target systems via Webservices).

You need to get the web services created in target system similar to GRC input and output structures and then call those web services which will perform required actions.

Same options are available for Sync Jobs, Risk Analysis also.

Regards,

Madhu Sai

Show replies
Show replies
madhusap
Active Contributor
‎2019 Jun 14 9:11 AM
0 Kudos

Hello,

This is not a conclusion for not using Greenlight connectors. It's just that you can develop your own APIs and can use them. If provisioning can be manual, you also can look into the details I discussed in the following blog:

https://blogs.sap.com/2019/04/30/grc-10.010.112.0-grc-manual-provisioning-for-non-sap-systems/

Regards,

Madhu

RameshVithanala
Active Participant
‎2019 Jun 12 1:52 PM
0 Kudos

Refer to the following SAP Notes

2600265 - SAP GRC Integration questions
2654856 - connecting non-ABAP system from GRC12.0

Thanks

Ramesh

Show replies
Show replies
Ask a Question