FlorianOkos
Product and Topic Expert

With the latest enhancement of SAP Integration Suite, advanced event mesh, the Group Management feature is now available. This feature simplifies user access management for AEM by providing an access grouping mechanism for external identity services (e.g. SAP IAS). In this blog, I will explain step by step how to set up and use Cloud Group Management.

Why Group Management?

Previously, administrators had to manually create users and user roles within SAP Integration Suite, advanced event mesh, which quickly became time-consuming and was not always aligned with customer user access guidelines. With Cloud Group Management, you can logically group access permissions, optimizing management and security settings.

 

Step-by-Step Guide to Setup

1. Create a Cloud Group

  1. Log in to your Advanced Event Mesh service.

  2. Navigate to Account Details, then User Management, and open the User Groups section.

  3. Click on Create New Cloud Group and define the groups you would like to use.

CreateViewerGoup.png

In my case I have created a "Viewer" role only, which will allow users to access the Event Portal, the Broker settings and the Datadog, but not to perform any changes.

2. Manage Claim Mapping

After you create user groups, you can map claims from your IdP to the groups. Align claims from your identity provider to your available user groups to automatically assign roles to group members. 

  1. Navigate to Group Management 

  2. Add Claim_Value and the defined role from section 1

ClaimVlaue.png

(Optional) Select Enable Just-In-Time provisioning to allow users who are able to authenticate with the identity provider to log in to Advanced Event Mesh and be added to a group without being manually invited first.

(Optional) Select Customize Default User Group and select a user group from the Default User Group drop-down list. When selected, if no defined claim mappings match the user claim value, the user is added to the specified group. When not selected, if no claim value for the user is mapped to a user group, the user is denied access to advanced event mesh.

3. Manage User & Permissions in IAS

  1. In SAP IAS, ensure that you create a group with exactly the same group name defined in AEM.

  2. Assign the group to the users who should get "Viewer" access. In my case, I use a personal mail address.

USerGroupIAS.png
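
The mapping rules from steps 2 and 3, modelled as an added Python example (not SAP's code and not part of the original post): it shows which users end up with access when Just-In-Time provisioning and a default user group are switched on or off, and flags claim values that miss a mapping only by case or whitespace. The class and function names, the sample users, and the exact-match and evaluation-order behaviour are assumptions.

```python
# Added example: a model of the claim-mapping behaviour described in this post,
# not SAP's implementation. All names and sample values are constructed.
from dataclasses import dataclass
from typing import Optional


@dataclass
class GroupConfig:
    claim_to_group: dict                  # IdP claim value -> AEM user group
    jit_provisioning: bool = False        # "Enable Just-In-Time provisioning"
    default_group: Optional[str] = None   # "Customize Default User Group"


def resolve_access(cfg, claims, invited=False):
    """Return (groups, reason); an empty group list means access is denied."""
    if not invited and not cfg.jit_provisioning:
        return [], "denied: not invited and JIT provisioning is off"
    # Exact, case-sensitive match (assumption, based on the "exactly the same
    # group name" requirement in step 3).
    groups = sorted({cfg.claim_to_group[c] for c in claims
                     if c in cfg.claim_to_group})
    if groups:
        return groups, "mapped by claim"
    if cfg.default_group:
        # Fail-open branch: any user the IdP authenticates lands here.
        return [cfg.default_group], "fallback: default user group"
    return [], "denied: no claim value is mapped to a user group"


def near_misses(cfg, claims):
    """Claims that would match a mapping only after trimming or case-folding."""
    norm = {k.strip().casefold(): k for k in cfg.claim_to_group}
    return [(c, norm[c.strip().casefold()]) for c in claims
            if c not in cfg.claim_to_group and c.strip().casefold() in norm]


if __name__ == "__main__":
    strict = GroupConfig({"Viewer": "Viewer"}, jit_provisioning=True)
    lenient = GroupConfig({"Viewer": "Viewer"}, jit_provisioning=True,
                          default_group="Viewer")
    # Constructed sample users and the group claims their IdP would send.
    users = {"alice": ["Viewer"], "bob": ["viewer "], "carol": ["HR_Staff"]}
    for name, claims in users.items():
        print(name, "| strict:", resolve_access(strict, claims),
              "| with default group:", resolve_access(lenient, claims),
              "| near misses:", near_misses(strict, claims))
```

Running the same check over an export of your own IdP group names before enabling a default user group shows which accounts would fall through to that default.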

4. Access and Check the role

Time to test: access your AEM application.

Login.png

And double-check your account and the assigned roles.

SignIN+.png

 

With Cloud Group Management in SAP Integration Suite, advanced event mesh, managing user access becomes significantly more efficient. Groups simplify organization, enhance security, and reduce administrative effort. Try it out and integrate it into your event-driven architecture!

Do you have any questions or comments? Feel free to share them in the comments!

 
