cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Use SAML2 on SAP ABAP

Go to solution
former_member182832
Participant

on ‎2018 Mar 31 9:26 AM

0 Kudos
782

Hi,


We are planning to activate SAML2 on SAP ECC system. Identity provider will be Windows AD FS. So I want to know if only activating SAML2 on SAP ABAP as a service provider will not require a Licence. Normally we are not using SAP SSO product in this case and we only delegate authentication to another tier for web scenarios using SAML2 standard.

Does anyone can help on this?

Thank you and regards,

Mehdi.

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
View Entire Topic
cris_hansen
Product and Topic Expert
Product and Topic Expert
‎2018 Mar 31 8:01 PM
0 Kudos

Hi Mohamed,

Please go through SAP note 1257108, a SSO troubleshooting note.

Please check this documentation too. Here you will find how to configure SAML 2.0 on the system and how to enable ICF services for SAML 2.0 authentication.

If you are using a proxy please also check this wiki.

You can also check the wiki for SAML 2.0 on ABAP server and also a wiki for troubleshooting on SAML 2.0 scenarios.

Regards,
Cris

Show replies
Show replies
former_member182832
Participant
‎2018 Apr 01 12:45 AM
0 Kudos

Thank you Christiano.

As I understand from SAP Central Note 1848999, server to server communication does not require extra licenses which is the case of SAML2.

Regards,
Mehdi.

cris_hansen
Product and Topic Expert
Product and Topic Expert
‎2018 Apr 01 4:20 PM
0 Kudos

Hi Mehdi,

As it is not a separate product, then no, no need for a new license.

Only if you decide to use the SAP SSO v3.0 product, then separate license is required.

Regards,

Cris

former_member182832
Participant
‎2018 Apr 01 8:46 PM
0 Kudos

Hi Christiano,


Thank you for the information. In my case there is no need for the SSO3 product. Only the activation of SAML2 with an existing AD FS as an IDP is required by the customer.

Regards,
Mehdi.

Ask a Question