Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
former_member456023
Contributor
In continuation with my earlier blog on SAML integration between SAP Analytics Cloud and ADFS.

https://blogs.sap.com/2017/12/19/sap-analytics-cloud-saml-sso-using-adfs-active-directory-federation...

In this blog, we will see how to integrate SAP Analytics Cloud (formerly known as SAP Business Objects Cloud) with Microsoft Azure Active Directory.

You get the following benefits when you integrate SAP Analytics Cloud with Azure AD:

  • In Azure AD, you can control who has access to SAP Analytic Cloud.

  • You can automatically sign in your users to SAP Analytics Cloud by using single sign-on and a user's Azure AD account.

  • You can manage your accounts in one, central location, the Azure portal.The scenario outlined in this blog consists of two main building blocks:

    1. Add SAP Business Object Cloud from the gallery.

    2. Set up and test Azure AD single sign-on.




Let's see step by step configuration.

We will start with Microsoft Azure portal configuration.

Microsoft Azure Portal Configuration

  1. Access and login into Azure portal

  2. Goto Azure Active Directory --> Enterprise Applications --> All Applications




  1. New Application – In the All Applications window, click on New Application




  1. New Application – SAP Analytics Cloud is available in gallery with name SAP BusinessObjects Cloud.


Goto Add from the gallery and search SAP, it will list all the SAP applications available in the gallery, select SAP BusinessObjects Cloud



  1. Add an Application - Provide application name and click on Add.


Ex- SAP Analytics Cloud



  1. Assign user – After adding the SAP Analytics Cloud it will be listed / available in All Applications.


Click on SAP Analytics Cloud  --> Users and groups – Add user

Assign the Azure directory user / Domain user to the application



  1. SAML configuration


Click on Single Sign-on and select SAML-base Sign-on from the drop down for Single Sign-  on Mode



Enter the information in SAP Analytics Cloud Domain and URLs



Select user.mail from User Identifier



Click on "Metadata.xml" and download it your local directory. This will be used later to upload to SAC

And save

SAP Analytics Cloud Configuration

Login into SAP Analytics Cloud and select SAML

Upload IDP (Azure portal metadata) into SAC



Under User Attribute, select Email in the drop down



Verify Account



    • Before we can save the configuration we need to validate the configuration.

    • You will copy the URL from the validate window and open an Incognito tab in your browser or open a new browser window.

    • For Verify your account with the identity provider, enter e-mail ID (First.Last@.......onmicrosoft.com) of the user created within Azure




Validation

Test Azure AD single sign-on configuration by using the access panel.

Goto user access portal using below URL and login

https://account.activedirectory.windowsazure.com/r#/applications



When you select the SAP Analytics Cloud tile in the access panel, you should be automatically signed in to your SAP Analytics Cloud application.

If all the configurations are correct and verification is successful, user will be logged into SAP Analytics Cloud using SAML.

Blog By

  • Paul Dhrubajyoti

  • Mohammed Ashraf

2 Comments