2019 May 14 8:17 AM - edited 2024 Feb 03 7:46 PM
Hi,
Can anyone share the documentation to configure SSO for S4HC.
Regards
Hem
Hi sean.durr1
Yes, your understanding is right, 2FA is an additional security layer to protect user accounts and is independent of SSO effort which is set up at the Org level. I mentioned 2FA if customer dont prefer to use any SSO authentication.
Now, the blog shared above gives a Great insight and can potentially serve as a reference document. SAP Cloud Connector is needed as for any cloud Application to communicate with the On premise, we need Cloud Connector that act as 'tunnel' between two different landscape( on premise and Cloud)
The blog highlights Cloud 4 Customers as an example, but with S4HANA Cloud the approach is the same: you should have access to cloud Application for S4HANA Cloud in IAS. I have attached part of what is needed on the S4HC and you can refer back to the blog to complete the set up.
Thank you!
Amith Nair
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Amith,
Thanks for your feedback so far, it's been very helpful.
Can you just confirm in a S4HC environment where SSO has been configured to use a corporate IDP (e.g. Windows ADFS), what happens when the user does not exist in ADFS. As an example, a Business User has been created in S4HC for a 3rd party consultant, but he won't exist as a user in the corporate IDP (ADFS), so what happens when he tries to log into S4HC?
Regards,
Sean.
Hi sean.durr1
This is usually achieved using a feature in IAS called Conditional Authentication, where you could set up your rules either by email domain, user types( employees, partner etc.) IP address etc. .
For Example, in my internal test Tenant: I have classified my user as a partner, and every time a user with user type 'Partner', tries to login to the respective cloud application( say in my case S4HANA Cloud), it will prompt me into 2 factor Authentication.
You can navigate to Conditional Authentication by logging into IAS and choose the application of you want to configure and then you will see Conditional Authentication at the botoom, upon clicking, you will be able to set rules based on the Company choice of IdP you have set up.
Hope this helps!
Thank you!
User | Count |
---|---|
102 | |
8 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.