cancel
Showing results for 
Search instead for 
Did you mean: 

SAP Identity Authentication vs. Local Identity Directory - Differences

tskwin
Participant
0 Kudos
161

Hello All,

What is the difference between SAP Identity Authentication and Local Identity Directory in SAP IPS/IAS ?

In both cases, users are stored in SAP IAS, but I don't understand the difference and when each solution should be used.

Thank you very much!

 

BEst Regards

View Entire Topic
Amin_Omidy
Active Participant
0 Kudos

Hi tskwin,

SAP Cloud Identity Services includes three components:

1.Identity Authentication Service (IAS):
IAS is a cloud based SAML2 identity provider that offers an Identity Service tailored to business processes, applications, and data. It delivers single sign-on and seamless integration with both SAP and non-SAP applications, whether they are in cloud or on-premises. But its primary features more than a authentication task.
2.Identity Provisioning Service(IPS):The Identity Provisioning Service (IPS) can effectively oversee and automate identity lifecycle processes for both cloud and on-premises environments. IPS also takes care of the seamless provisioning of users and groups, ensuring a smooth transition from source to target systems.
3.Identity Directory: It is a repository (database) stores and persists user data, attribute and group assignments offering a System for Cross-domain Identity Management (SCIM) API for the management of resources, including users, groups, and customized schemas. The provisioning of these entities to and from the directory is guaranteed by the Local Identity Directory connector within the Identity Provisioning service. Upon the creation of a new user, the directory generates a Global User ID, which serves as the distinctive user identifier across the landscape. Identity Provisioning subsequently distributes this Global User ID to SAP cloud applications.
Please check my blog for further detailed explanation of each with diagram.
Hope this helps,
@Amin_Omidy