IBsolution Blog

SAP Secure Login Service for SAP GUI – the new SSO cloud solution

Written by Simon Titus | Jul 23, 2024

Well-designed Identity & Access Management (IAM) in conjunction with multi-factor authentication (MFA) is an indispensable tool for protecting against cyber attacks and unauthorized access to sensitive company data. MFA in particular plays a crucial role here. Without it, companies are much more vulnerable to phishing attacks.

 

 

Protect your company data with a reliable Identity & Access Management system

 

 

Single sign-on makes MFA user-friendly

However, multi-factor authentication can mean a great deal of effort for users if it is not used in combination with single sign-on (SSO). By combining SSO and MFA, employees enjoy maximum protection against unauthorized access without having to authenticate themselves every time they access different applications. In today’s world of complex system landscapes, single sign-on and multi-factor authentication are not a luxury, but an indispensable prerequisite for the management and control of identities, access and authorizations.

 

Support for SAP Single Sign-On ends in 2027

The current SSO solution from SAP is called SAP Single Sign-On 3.0 and is still in use in the system landscapes of many companies. Typically, SAP SSO 3.0 runs via the SAP NetWeaver Application Server Java as a certification service via on-premise systems. With the discontinuation of SAP NetWeaver 7.5, support for SAP Single Sign-On 3.0 will also end on December 31, 2027.

 

As the cloud-based successor to SAP Single Sign-On and future certification powerhouse, SAP is relying on SAP Secure Login Service for SAP GUI. With it, companies benefit from the classic advantages of a cloud-based authentication point in terms of

  • Scalability and flexibility

  • Cost and effort efficiency

  • Security and reliability

 

Not only a SSO 3.0 successor, but an extension 

SAP Secure Login Service for SAP GUI is particularly impressive due to its simple structure. Once it has been set up, further configurations can be carried out via uncomplicated steps in SAP Identity Authentication Service (IAS). Even multi-factor authentication can be easily integrated into the authentication process. In addition, SAP Secure Login Service for SAP GUI connects seamlessly with existing SAP landscapes and supports a variety of authentication methods and technologies.

 

Conditional authentication via IAS

The IAS offers many advantages as an authentication point. One of these is the ability to define different authentication processes based on various factors.

 

Source: SAP

 

For example, MFA can be defined for external access to the company network or for certain user groups, or authentication against different identity providers can be mapped using the mail domain. This makes it much easier to manage different identity providers.