Security Assertion Markup Language (SAML) has been a reliable method for enabling Single Sign-On (SSO) between Identity Providers and Service Providers. However, the industry is gradually shifting towards more modern and robust standards, such as OpenID Connect (OIDC).
Customer Impact
From December 2024, SAML trust configuration will be deprecated for user-interactive authentication in the BTP Cockpit. Existing SAML trust configurations affected by this deprecation will remain functional after the deprecation date, but support will be limited to security-related fixes only. Consequently, all SAP Intelligent Clinical Supply Management customers currently using SAML are strongly encouraged to migrate to OIDC.
Why OIDC?
- Improved Security: OIDC builds upon OAuth 2.0, offering enhanced security features.
- Better User Experience: It provides a more streamlined and user-friendly authentication flow.
- Widespread Adoption: OIDC is widely supported across various platforms and services, ensuring greater compatibility and ease of integration.
How to Do It
To support the transition, SAP Business Technology Platform (SAP BTP) and SAP Identity Authentication Service (SAP IAS) offer comprehensive documentation and tools. For detailed guidance, refer to the Migration from SAML Trust to OpenID Connect Trust with SAP Cloud Identity Services.
Relevant Documentation Links
