Enterprise Resource Planning Blogs by SAP
Get insights and updates about cloud ERP and RISE with SAP, SAP S/4HANA and SAP S/4HANA Cloud, and more enterprise management capabilities with SAP blog posts.
Showing results for 
Search instead for 
Did you mean: 
With SAP Business One FP 2208 we launched the Identity and Authentication management (IAM) solution (here's my first blog on this topic). For the first time in the history of SAP Business One, we introduced the option to sign-in to SAP Business One and its core components with an external Identity provider (using OpenID Connect protocol) and directly leveraging from enhanced security features such as 2-Factor-Authentication (2FA).

Following a successful launch of IAM and positive market reaction, with SAP Business One FP 2305 we are taking IAM to the next level. I am excited to share with you the latest highlight making implementation and consumption of IAM in SAP Business One easier now more than ever!

Sign In

  • Two-Factor Authentication – introducing 2FA within SAP Business One authentication service

  • The localization and version information are visible in the Choose Company window when you log into SAP Business One client, mobile service and IMCC

  • Introducing “Change password” option on the login page when you log into SAP Business One with the bound user account

  • Supporting Single Logout - the identity provider logs you out of all SAP Business One Web-based pages in the current identity provider login session in the same Web browser

  • When you log into SAP Business One client, the company that you log in last time is selected by default in the Choose Company window

  • Bind users from SAP Business One Client directly

  • Binding step introduced during New Company Creation

  • Multiple company user binding - select more than one company when binding an IDP user to a same company user

  • Enhanced UX  - when binding an IDP user to a company user code, if the user code is newly defined for all selected companies, the label (New) shows after the user code. The default user code is the IDP user name

User Binding

External IDP Support

Newly Supported IDPs:

  • SAP IAS (Beta)

  • Okta

  • Browser Access Service

  • Browser Access Service Process Monitor

  • Electronic File Manager: Format Definition (EFM)

  • Electronic Document Service (EDS)

  • Workflow Service

  • SAP Crystal Reports, version for the SAP Business One Application

  • DI Server

  • SAP Business One Studio Suite

  • For more information about components supported by IAM inSAP Business One, see SAP Note 3252125

Newly Supported Components for IAM


Service Layer

  • You can log into Service Layer with a Windows domain user account after activating Active Directory Domain Services and binding its users to company users.

Watch the video below (06:46 min) for a demo on latest IAM features introduced with FP 2305

For further reading, be sure to checkout the latest "Identity and Authentication Management" How to Guide, walking you through implementation, usage and troubleshooting steps of IAM in SAP Business One.

Hope this Blog was useful to you as an overview on latest Identification and Authentication Management features introduced with SAP Business One FP 2305. I look forward to hear about your experience from working with IAM in SAP Business One, be sure to leave your feedback in the comments section below.