Freelancers
Cancel
 Sign In
Join Now

On the 15th of July 2020, we presented the second Webinar session about “how to rapidly deliver a global commerce experience with SAP Commerce Cloud” with a special focus on B2B. If you missed the first Webinar session, you can find the link to the blog here. The presenters of the session were:

    • Ratul Shah – Senior Product Marketing Manager, SAP Customer Data Cloud

 

    • Shirly Leibovich – Profile Product Manager, SAP Customer Data Cloud

 

    • Pratik Kumar – Product Developer, SAP Customer Data Cloud & SAP Commerce Cloud

 

    • Julien Goulley – Senior Technical Architect, SAP Customer Data Cloud

In the webinar, we discussed how SAP Commerce and SAP Customer Data Clouds can be leveraged to connect SAP clients to their partners, while reducing reliance on the IT team and improving the user experience.

If you were not able to attend the live session, you will be able to find a link to the recording here

Pratik ran a live demonstration of the standard features of SAP Commerce and SAP Customer Data Clouds in the context of B2B, while Ratul, Shirly and I talked about the change of behaviour of the B2B consumers – especially during the unprecedented times following the pandemic – and how SAP Customer Experience is addressing these new requirements.

This blog post covers some of the primary functionality available to customers who have SAP Commerce and SAP Customer Data Clouds in the context of B2B. The functionality features:

    • Organization access management

 

    • User self-service and delegated administration​

 

    • Authentication management

 

    • Seamless integrations

 

    • Backoffice configuration

 

Digital Transformation

The role of SAP Customer Data Cloud for B2B in the digital architecture is to provide a centralized Customer Identity Access Management, in order to:

    • Accelerate onboarding of customer and partner organizations and users at scale

 

    • Simplify end-to-end customer and partner lifecycle management by reducing administrative overheads, complexity and costs

 

    • Protect against privacy and security risks related to sharing critical corporate resources and data

 

 

Role of SAP CIAM for B2B in the digital architecture

The following section of the blog will focus on demonstrating how SAP Customer Data and SAP Commerce Clouds can be used together to transform the customer digital processes with a special focus on the following topics:

    • Organization registration & approval

 

    • Delegated administration

 

    • Access control and enforcement

 

    • Single Sign On with Bring Your Own Identity

 

Organization self-registration & approval

As external organizations come across the brand, they might show an interest in becoming a consumer and start purchasing good via the Commerce platform. However, in the B2B context, external organizations cannot be consumers unless they have gone through registration and approval. In order to simplify the registration and approval process for both SAP customer and external organizations, SAP Customer Data Cloud allows frictionless and online self-registration via screenset.

The following screen shows the registration form directly embedded within the Commerce application:

 

Partner self-registration from Commerce application

Once the form is submitted, a new pending organization is created in SAP Customer Data Cloud for approval. The IT admin can then go through the appropriate onboarding steps and confirm the external organization is an approved partner, at which time a user is fully provisioned to the partner administrator.

It is important to note that upon organization approval, the new organization needs to be provisioned into SAP Commerce Cloud, and this is typically done via SAP Cloud Platform Integration.

Below is a high level representation of the self-registration flow:

 

Delegated Administration

The requestor details provided online at time of registration are used to provision the first member of the new organization. This member is known as the delegated administrator and can:

    • Invite/Deactivate members to/from their organization

 

    • Assign roles to their members

 

    • Trigger a password reset for any members

 

    • Complete the configuration of their own Identity Provider (Bring Your Own Identity)

The Delegated Admin Console is the user interface available to the delegated admin to perform these actions and it can be launched from the Commerce site.

It can be launched from the commerce site, as shown in the below screenshot:

And below is a screenshot of the delegated admin console:

 

Access Control

SAP Commerce Cloud has 4 roles by default:

    • Customer
        • View cost centers
        • Create and view their own orders

 

    • Approver
        • View cost centers
        • Create and view their own orders
        • Approve and reject orders according to the order approval workflow

 

    • Manager
        • View cost centers
        • Create and view their own orders
        • Approve and reject orders according to the order approval workflow
        • Manage all items with their branch of the organization tree

 

    • Admin
        • View cost centers
        • Create and view their own orders
        • Approve and reject orders according to the order approval workflow
        • Manage all items with their branch of the organization tree

Depending on the policies defined as part of the SAP Customer Data Cloud B2B configuration and the business role(s) associated to the organisation members, the authorisation token will contain the appropriate Commerce role, and SAP Commerce Cloud will then provide the right level of access.

If you are new to SAP Customer Data Cloud B2B and policies then you may want to check out the blog about Getting Started with SAP CIAM for B2B.

The following setup was in place for the Webinar:

Business Role Application Asset
Customer SAP Commerce Cloud b2bcustomergroup
Approver SAP Commerce Cloud b2bapprovergroup
Manager SAP Commerce Cloud b2bmanagergroup
Admin SAP Commerce Cloud b2badmingroup

The policies looked as follows in SAP Customer Data Cloud B2B:

 

Customer Policy

 

 

Approver Policy

 

 

Manager Policy

 

 

Admin Policy

 

See it in action

Once the delegated admin has invited a new member, the business role, as well as the asset in the context of the application can be reviewed.

The below example shows:

    • Business Role: Customer

 

    • Application: commerce

 

    • Asset: b2bcustomergroup

 

    • Access decision: Member can place view their cost center, view their historical order(s) and place new orders

 

 

Partner Customer

 

Bring Your Own Identity

Some (larger) organizations are likely to have an Identity Service for their employees which usually allows them to implement Single Sign On across their internal applications.

As described in the previous section, onboarded partners can add their own members via invite. This process will create a new account and set of credentials in SAP Customer Data Cloud. In order to avoid creating new credentials, partners have the ability to connect their Identity Service to SAP Customer Data Cloud using the SAML protocol.

The process is then as follows:

    1. Delegated Admin set up the trust between their own Identity Service and SAP Customer Data Cloud via the Delegated Admin Console

 

    1. Members are managed within the external Identity Service i.e. role assignment, termination, etc.

 

    1. Members access the Commerce application

 

    1. Members authenticate against the external Identity Service

 

    1. Members are auto-provisioned in SAP Customer Data Cloud and replicated into SAP Commerce Cloud

Below is a high level representation of the process:

BYOI: Setup and Authentication

The setup looks as follows in the Delegated Admin Console:

 

SAML Metadata

 

 

SAML Attributes Mapping

 

SAP Commerce Cloud Extension for B2B

The latest versions of SAP Commerce Cloud include the extensions required to connect to SAP Customer Data Cloud for B2B, therefore you can go ahead with the configuration as soon as the customer’s environment is ready.

For further details about the extension, please refer to the SAP Documentation.

Below are the basic steps you need to complete in order to:

    1. Connect SAP Commerce Cloud to SAP Customer Data Cloud

 

    1. Leverage the SAP Customer Data Cloud Screensets for organization registration, login and profile update

 

    1. Replicate organization members from SAP Customer Data Cloud to SAP Commerce Cloud

 

 

Authentication Configuration – API Key, Application Key and Secret

 

 

Authorisation Configuration – AppId, Key and Secret

 

 

Session Management Configuration

 

 

Field Mapping Configuration

 

Conclusion

This blog has explained how to rapidly deliver a global commerce experience with SAP Customer Data Cloud and SAP Commerce Cloud in the context of B2B. We have shared details about the standard integration between the two clouds and a high-level description of the implementation steps.

Webinar sign up

SAP Customer Data Cloud Webinar sessions are carried out by our product experts, covering a variety of topics spanning the full customer journey, from new capabilities, implementation best practices, release information, deep-dive sessions, to integration with other solutions.

Be sure to register for upcoming live webinars on the SAP CX Wiki, and subscribe to the Webinar Channel on enable.cx so you never miss out on new content.

Tags: SAP Commerce Cloud SAP Customer Data Cloud
Sara Sampaio

Sara Sampaio

Author Since: March 10, 2022

0 0 votes
Article Rating
Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x