SAP Single Sign-On - Mobile Overview

The SAP Single Sign-On solution brings simplicity for your end-users by eliminating the need for multiple passwords and user IDs. In addition, you can lower the risks of unsecured login information, reduce help desk calls, and help ensure the confidentiality and security of personal and company data.

In order to meet evolving security demands, you can extend your single sign-on solution even further and offer your end-users mobile single sign-on. Your mobile users will have only one password to remember, less typing of complicated user IDs and passwords, and more time for actual work!

SAP Authenticator

SAP Single Sign-On offers a lean solution for single sign-on on mobile devices: SAP Authenticator. The solution is based on time-based one-time passwords (TOTP) generated by the SAP Authenticator mobile app.

The SAP Authenticator mobile app is available for both iOS and Android, and supports the IETF standard RFC 6238. SAP Authenticator supports browser-based applications, the SAP Fiori client, and customer-developed mobile apps. It can also be combined with two-factor and risk-based authentication.

Mobile SSO based on Secure Login Server

The Secure Login Server allows you to provision X.509 certificates to mobile devices in multiple ways. In the past, you could use the Simple Certificate Enrollment Protocol (SCEP), which is supported by iOS. SAP Single Sign-On 3.0 now also supports the provisioning of X.509 certificates to a mobile device via the SAP Authenticator mobile app for iOS. You can now even develop your own custom code for certificate enrollment using the REST API provided by the Secure Login Server.

Optionally, customers can integrate Secure Login Server and the SAP Mobile Platform, and benefit from a seamless user experience for mobile applications.