SSO SAML SAPUI5 AZURE AD

former_member792555 · ‎2023 Mar 29

Hello community!

I am in the middle of configuring SSO in our organizations sapui5 app.

Environment:

We have a SAP Gateway system that has a trust relationship with our SAP ECC system.

Azure AD with an enterprise app with SAML SSO configured minus the metadata from the Gateway Identity Provider.

SAP ui5 app making api calls with basic authentication

Problem:

as I am setting this up at some point I have to access T-Code SAML2. I get a 403 Forbidden.

What I have done so far:

applied permissions that allow SAML2 configuration/administration.

researched how to make a custom role and executed this with no luck still getting 403.

Has anyone had this combination of components running into simmlar issues or know how to navigate through?

Isaías · ‎2023 Mar 31

Hello Jacob,

I would say that we need to identify what component is returning the 403 code.

Do you use an Azure Load Balancer / Application Gateway? Does it allow the SAML2 URL path to go through?

Or maybe you have an SAP Web Dispatcher. Confirm that the "permission file" allows the SAML2 URL, if a permission file is configured.

Regards,

Isaías

Applying flexibility changes in fiori elements wit...