on ‎2023 Nov 01 1:15 PM
Hi All, can you please explain as to why the users will need to be in IAS for a IDP for Context "Group" and 'User type'. The same is mentioned in
Add a New Authentication Rule | SAP Help PortalRequest clarification before answering.
Hi Plaban,
if you provide more details about your requirements and objectives here, we might be able to provide a better answer. The presence of (one or many) external IDPs does not exclude the fact of having users in IAS. What I mean is that even if the user needs to be present in IAS (referring to the user profile and not necessarily that they need credentials or need to log in with this user), there is still a need for and benefit to having an external IDP for authentication justified.
Conditional Authentication Rules, as the name implies, require certain conditions. For example: I have an application and want to redirect all users from the "Company_XYZ" group to the Corporate IdP. To do this, groups/users need to be created in IAS or provided via SCIM. Then, when the user accesses the application, they provide their login identifier, and it is checked whether this user in IAS is a member of this group. If yes, their AuthNRequest is forwarded to the external IDP.
Makes sense?
Cheers Carsten
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
| User | Count |
|---|---|
| 8 | |
| 5 | |
| 5 | |
| 4 | |
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 | |
| 2 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.