SAP Identity Authentication and Identity Provisioning - Part 1

The document provides an overview of SAP Cloud Identity Services, which includes Identity Authentication Services (IAS) and Identity Provisioning Services (IPS) as part of the SAP Business Technology Platform (BTP). IAS facilitates user authentication and single sign-on for SAP applications, while IPS automates identity lifecycle processes and manages user roles and groups. The document also outlines the components of SAP BTP, emphasizing its integration of data management, analytics, application development, and intelligent technologies.

SAP Cloud Identity services – Identity Authentication and Identity Provisioning

Index

- SAP Business Technology Platform (SAP BTP)
- Components of SAP BTP
- SAP Cloud Identity Service
- Identity Authentication Services (IAS)
- Identity Provisioning Services (IPS)

NTT DATA Business Solutions India


SAP Business Technology Platform (SAP BTP)

- SAP Business Technology Platform (SAP BTP) is a portfolio of SAP products, services and solutions that are brought under one umbrella.
- SAP BTP is a collection of on-premise and cloud products and solutions that brings together data management, analytics, artificial intelligence, application development, automation, and integration in one unified environment.
- SAP Cloud Platform (SCP) has been rebranded as SAP Business Technology Platform (BTP).
- Integration Suite is one of the service (software as a service) capabilities available in SAP BTP. It is used to build, manage, and deploy applications and to connect data and business processes on one integrated platform.

NTT DATA Business Solutions AG 11.03.2025 2


Components of SAP BTP

- SAP BTP is integrated under four technology pillars:
  - Database and Data Management
  - Analytics
  - Application Development and Integration
  - Intelligent technologies



Database and Data Management

- It consists of everything we need to store, access, process, integrate and interpret all relevant data in the system landscape.
- The different services and products categorized under this pillar let us manage and use data in a flexible and efficient manner at the speed the business demands.


- SAP HANA and SAP HANA Cloud provide powerful and flexible data management through an in-memory database on-premise and in the cloud.
- SAP Data Warehouse Cloud enables you to get a single view of data across every aspect of the organization without having to physically move it into a single place.
- There are also products such as SAP Data Intelligence, SAP Data Services, and SAP Master Data Governance (SAP MDG).



Analytics

- Using the products under analytics, we can plan and forecast, make rapid decisions, and truly become insight-driven.
- SAP Analytics Cloud allows us to quickly bring in data from the operational systems, data warehouses, and data lakes and easily combine it with external market data or even third-party spreadsheets using machine learning technologies.
- You can forecast what is going to happen and create intelligent scenario planning options.
- We can also find products such as SAP Data Warehouse Cloud, SAP BW/4HANA, SAP Analytics Cloud for planning, and others.



Application Development and Integration

- The Application Development and Integration pillar gives us everything we need for agile business process innovation, extension, and integration in the cloud and across hybrid scenarios.
- We can easily integrate different systems, extend current applications, or create new point solutions for urgent needs.
- Extension Suite is part of this pillar and provides various services that can be leveraged to build and extend SAP solutions.
- SAP Integration Suite, on the other hand, lets us seamlessly integrate SAP and non-SAP solutions both on-premise and in the cloud.



Intelligent Technologies

- Artificial Intelligence, Machine Learning, and IoT are being embedded into everything, both simple and complex business processes.
- SAP solutions such as SAP Intelligent Robotic Process Automation (SAP Intelligent RPA) and machine learning let us automate the kind of complex repetitive decisions that make up a significant portion of business processes.



SAP Cloud Identity Service

- SAP Cloud Identity Services provide basic capabilities for user authentication and provisioning, which is a core requirement for all integration and/or extension scenarios of the Intelligent Enterprise.
- SAP Cloud Identity Services currently consist of two main components:
  - Identity Authentication
  - Identity Provisioning



Identity Authentication Service (IAS)

- Identity Authentication is a cloud service for authentication, single sign-on, and user management in SAP cloud and on-premise applications.
- It can act as an identity provider (IDP) that validates a user's credentials and offers single sign-on for relying parties.
- It can act as a proxy for integration into an already existing single sign-on infrastructure with a corporate IDP.
- It simplifies the user experience through authentication mechanisms, single sign-on, on-premise integration, and convenient self-service options.

- Single Sign-On (SSO)
  - We no longer authenticate against each application; instead we perform one primary authentication.
  - The result of performing primary authentication against the central system is that we receive a security token.
  - The token contains a key that, in the end, allows us to access the applications in an automated way, so we have Single Sign-On.


- Best approach for SSO towards SAP cloud applications
- SAML (Security Assertion Markup Language) is used for authentication, identification and authorization.


- SAML flow

- How can identities be created in Identity Authentication?
  - We can use the administration console and create users manually, or automate user creation using the SCIM endpoints provided by IAS.


- Once we create a user in IAS, it will be enriched with at least two very important attributes:
  1. P-user (User ID)
  2. Universal Unique Identifier (UUID)


- Features of Identity Authentication Service



Identity Provisioning Service (IPS)

- The Identity Provisioning service automates identity lifecycle processes and manages users, roles and groups.
- To implement IPS lifecycle processes, SAP Identity Management system 8.0 is required.
- Joiner, leaver, change of organizational unit, and name change processes are executed automatically against the target system.


- Read and write transformations are defined in JSON (JavaScript Object Notation) form, as documented by SAP.
- If SAP triggers a read job, it reads data from the source system, transforms it as implemented, creates a JSON file and sends it to the target system.


- IPS enables reading data from a heterogeneous system landscape and providing it to the target system accordingly.
- This process is achieved through the System for Cross-domain Identity Management (SCIM), which is designed to manage user identities in cloud-based applications and services. For most systems, IPS uses the SCIM standard.
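
The read, transform and write flow described above, as an added example (not SAP's code and not the IPS transformation syntax): a hypothetical mapping list acts as an allowlist, so only mapped attributes reach the SCIM 2.0 User JSON sent to the target. The source record, its field names and the mapping format are constructed for illustration.

```python
import json

SCIM_USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"

# Constructed source record, as a read job might fetch it from an HR system.
SOURCE_USER = {
    "id": "P000123", "login": "jdoe", "mail": "jdoe@example.com",
    "name": {"first": "Jane", "last": "Doe"}, "active": True,
    "passwordHash": "constructed-not-real", "salary": 90000,
}

# Hypothetical allowlist mapping: (source path, SCIM path, optional converter).
MAPPINGS = [
    ("login", "userName", None),
    ("id", "externalId", None),
    ("name.first", "name.givenName", None),
    ("name.last", "name.familyName", None),
    ("mail", "emails", lambda v: [{"value": v, "primary": True}]),
    ("active", "active", None),
]

def get_path(obj, path):
    """Follow a dotted path through nested dicts; None if any key is missing."""
    for key in path.split("."):
        if not isinstance(obj, dict) or key not in obj:
            return None
        obj = obj[key]
    return obj

def set_path(obj, path, value):
    *parents, leaf = path.split(".")
    for key in parents:
        obj = obj.setdefault(key, {})  # create nested dicts as needed
    obj[leaf] = value

def transform(source, mappings=MAPPINGS):
    """Build a SCIM 2.0 User from one source record using the mapping list."""
    target = {"schemas": [SCIM_USER_SCHEMA]}
    for src, dst, convert in mappings:
        value = get_path(source, src)
        if value is not None:  # keeps False, so deactivation is propagated
            set_path(target, dst, convert(value) if convert else value)
    if not target.get("userName"):
        raise ValueError("SCIM User requires userName")
    return target

def read_job(records):
    """Transform each record and serialize the JSON sent to the target system."""
    return [json.dumps(transform(r), sort_keys=True) for r in records]
```

Because the mapping is the only path from source to target, `passwordHash` and `salary` in the sample record are never serialized, while `active: False` for a leaver is passed through.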

- Read Job: reads changed data and writes the data to the target system.
- Resync Job: reads changed data and overwrites the data in the target system.



Difference between Identity Provisioning, Identity Authentication and Identity Management



THANK YOU
