SAP Cloud Identity Services (IAS)

Published by brgeek on

How to Connect Sap Sales Cloud & IAS SSO

Michael Goulart

Title: How to create a single sign-on between Sales Cloud and Cloud Identity Services (IAS)

Had a great time playing with new AUTH system for SAP cloud environments , and I had to connect (2) systems with SSO here is the detail how to:

Objective: To guide users to Enable Single Sign-On (SSO) in SAP Sales Cloud by integrating it with SAP Cloud Identity Services (IAS) as the Identity Provider (IdP).

Scope: To implement SSO in SAP Sales Cloud with SAP Cloud Identity Services (IAS) as the IdP, you need expertise in SAP Sales Cloud administration, SAML configurations, and IAM principles.

Equipment/Tools:

  1. Web Browser (Chrome, Firefox, etc.)
  2. Web Development Tools (Visual Studio Code)

Procedure:

  1. Log in to your SAP Cloud Identity Provider account with your admin user.
  2. From the Left Panel, Navigate to Application and Resources  Tenant Settings.
  3. Choose SAML 2.0 Configuration.
  4. On the new Screen, Click on Download Metadata File. Note This Metadata is needed when you setup the trust in your SAP Cloud for Customer.
  5. Login to your SAP Cloud for Customer system.
  6. Navigate to the following work center view.
Work CenterADMINISTRATOR
ViewCOMMON TASK
  1. Choose Configure Single Sign-On.
  2. Download SP Metadata file.

Note

This Metadata file is needed when you setup the trust in your SAP Cloud Identity Provider.

  1. In the General Pane. Check the Manual Identity Provider.
  2. Under the section, Single Sign-On URL Handling, select the URL sent to Employee as Non-SSO URL and SSO URL.
  1. Choose Identity Provider tab.
  2. Click on New Identity Provider tab. In the pop-up window, import the Metadata file of your SAP Cloud identity provider.
  3. Enter an Alias name for your SAP Cloud identity provider.
  4. Click Save.
  5. Choose Activate Single Sign-On and choose OK on the pop-up dialog box that appears.
  6. Log in to your SAP Cloud Identity Provider account with your admin user.
  7. Click on Applications tile to create your SAP Cloud for Customer application.
  8. Click on Add and enter your SAP Cloud for Customer system name.For Example: C4C-CPQ / Sales Cloud / . . .
  9. Click Save.
  10. In the new Screen, Click on Home URL and enter your C4C SSO URL.For Ex: https:// <yourTenant>.sso.lab.sdesign.com
  11. Click Save.
  12. In the Trust, Choose SAML 2.0 Configuration and Import the C4C metadata file you have downloaded earlier.
  13. Click Save.
  14. Configure Name ID Attribute as Subject Name Identifier.
  15. Click Save.
  16. Configure Default Name ID Format as Unspecified.
  17. Click Save.
  18. Go Back to the Home Page and Navigate to Users & Authorizations  Import User.
  19. Create a CSV file for all the Sales Cloud users you want to enable SSO.
  20. Choose Import.
  21. Choose Send E-mails and Click Send.
  22. Activation E-Mail to all the user will be triggered.

Note

Once the user set their password for the IdP, they can login SAP Cloud for Customer using the SSO URL.

Categories: SAP
Tags:

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *