With SAP Business One FP 2208 we launched the Identity and Authentication management (IAM) solution (here's my first blog on this topic). For the first time in the history of SAP Business One, we introduced the option to sign-in to SAP Business One and its core components with an external Identity provider (using OpenID Connect protocol) and directly leveraging from enhanced security features such as 2-Factor-Authentication (2FA).
Following a successful launch of IAM and positive market reaction, with SAP Business One FP 2305 we are taking IAM to the next level. I am excited to share with you the latest highlight making implementation and consumption of IAM in SAP Business One easier now more than ever!
Two-Factor Authentication – introducing 2FA within SAP Business One authentication service
The localization and version information are visible in the Choose Company window when you log into SAP Business One client, mobile service and IMCC
Introducing “Change password” option on the login page when you log into SAP Business One with the bound user account
Supporting Single Logout - the identity provider logs you out of all SAP Business One Web-based pages in the current identity provider login session in the same Web browser
When you log into SAP Business One client, the company that you log in last time is selected by default in the Choose Company window
Bind users from SAP Business One Client directly
Binding step introduced during New Company Creation
Multiple company user binding - select more than one company when binding an IDP user to a same company user
Enhanced UX - when binding an IDP user to a company user code, if the user code is newly defined for all selected companies, the label (New) shows after the user code. The default user code is the IDP user name
External IDP Support
Newly Supported IDPs:
SAP IAS (Beta)
Browser Access Service
Browser Access Service Process Monitor
Electronic File Manager: Format Definition (EFM)
Electronic Document Service (EDS)
SAP Crystal Reports, version for the SAP Business One Application
SAP Business One Studio Suite
For more information about components supported by IAM inSAP Business One, see SAP Note 3252125
Newly Supported Components for IAM
You can log into Service Layer with a Windows domain user account after activating Active Directory Domain Services and binding its users to company users.
Watch the video below (06:46 min) for a demo on latest IAM features introduced with FP 2305
For further reading, be sure to checkout the latest "Identity and Authentication Management" How to Guide, walking you through implementation, usage and troubleshooting steps of IAM in SAP Business One.
Hope this Blog was useful to you as an overview on latest Identification and Authentication Management features introduced with SAP Business One FP 2305. I look forward to hear about your experience from working with IAM in SAP Business One, be sure to leave your feedback in the comments section below.