As a new customer to the SAP S/4HANA Cloud, public edition solution, the very first system you are going to get, and use is called the Starter System.  This system has a set of master data and a set of 225+ SAP Best Practice scopes loaded to help you explore its capabilities and conduct the....

What is Top-Down User Sync ? Top–down user sync is a process that allows user data from an external system to be synchronized with a user directory in an organization. This process can be used for directory synchronization, provisioning, and user access control. The top–down user sync process begins by gathering user data from an external source and then mapping the data to the user directory. The mapped data is then used to create user accounts, update existing user accounts, and delete user accounts as needed. This process can be automated using SAP Identity Provisioning Service(IPS) or manual processes (not recommended). The process is beneficial as it allows administrators to quickly and easily manage user access and user data across multiple platforms with complete automated way. Bring all your Users from External IAM System to SAP IAS The challenge of bringing users from an external IAM(Identity Authentication Management) system to SAP IAS(Identity Authentication Services) can be daunting. It requires an understanding of both systems and a complete workflow to ensure the process is seamless and secure. The first step is to determine the data needed to be transferred from the external system. This will depend on the use case and the specific requirements of SAP IAS. Once the data is identified, the next step is to create a Standard or SCIM connector for the external system. This connector will be used to transfer the data from the external system into SAP IAS. The connector will need to be tested thoroughly to ensure that the data is transferred accurately and securely before it is used in SAP IAS. Once the SCIM connector is tested and approved, it can be used to move the data from the external system into SAP IAS. When the data is in SAP IAS, it needs to be mapped to the appropriate fields within SAP IAS. This is done by creating custom mappings within the system. Once the mappings are complete, the data can be imported into SAP IAS and the users can be added to the system. Below is the typical flow of User Provisioning Sync   In this....

We are aware about the use of BizX login page for login of Onboardee in ONB2.0. From 2H2022, SAP has officially released the feature of having IAS(Identity Authentication System) available to be integrated with ONB2.0 for New hires. This brings the option of having better security for login of Onboardee and leverage features of IAS....

Once the configurations explained in the previous articles is completed, you are expected to set up few transformations . I did not perform any transformations in source, but following are few transformations used in the target system. Below transformation under default userType mapping to set the user type in the IAS profile of user. Below....

early this year I checked out and watched the most interesting TechEd sessions in the SAP IAM space. This is a summary of relevant aspects without claiming to be complete. This blog contains updates from SAP TechEd concerning the SAP Cloud Identity Services deals with user provisioning through SCIM APIs and the approach of using one aggregated....

“The shoemaker’s children always go barefoot” 🙂 This is somehting that can discribe our SAP IdM authorization structure/concept …there is no such. It’s a rare case, when we have to implement one and there is no standard connector or approach for that. With this blog, I want to present one possible direction with which we can....

We all know, that SAP’s strategy is cloud-first. Logically more and more services and solutions are offered there. At the same time, the reality for a lot of companies is that they have many of their systems and processes still in the on-premise world. As we have to face the reality, the hybrid option is....

In this blog we cover some basics, explain the functionality, and use cases of the most relevant standards like SAML 2.0, OAuth 2.0, and OpenID Connect. In addition, we provide you with a configuration guideline that provides a deeper insight and supports your identity federation setup between your SAP IAS and Azure tenants. UPDATE: E-Book for this blog....

This article is mainly for partners and customers who wants to automate internal & external users sync (on-boarding) to SAP IAS by using the below SCIM APIs from your external system or applications. I have listed out all the examples for you to understand.. This below flow makes you understand to automate Users Sync from....

Single sign-on (SSO) is a session/user authentication process that permits users to enter a single name and password to access multiple applications. While SSO uses a single login (username/password) to access all applications within the same organization, federated SSO (FSSO) goes a step further and extends SSO across enterprises. In other words, FSSO allows access to multiple systems....