SAP Identity Authentication (IAS) is available as a cloud service on SAP Business Technology Platform. This enables all user authentication requirements to be implemented in cloud system landscapes. The main advantage of SAP IAS is the native integration of cloud applications as target systems. This makes it much easier to connect cloud applications for authentication. The use of the SAML protocol for authentication enables flexible integration of identity providers such as Microsoft ADFS (Active Directory Federation Services) or Microsoft Azure AD.
SAP Identity Authentication can be used to implement different authentication solutions. However, the ideal solution is to implement single sign-on (SSO), which gives users secure access to all configured target systems with a single logon.
Integration of one or more identity providers
Single sign-on for connected cloud systems
Multi-factor authentication and risk-based access control for a higher level of security
To achieve a higher level of security, it is suitable to implement multi-factor authentication (MFA). This prompts the user to use another authentication factor when logging in, for example an RSA token or a code sent via SMS.
Another feature of SAP IAS is Risk Based Access Control. It offers the possibility to secure certain accesses in a special way based on specific characteristics. For example, access from a specific network (outside the corporate network) or access by a specific group of people (e.g., administrators).
One conceivable scenario could therefore be to activate single sign-on within the corporate network and to enforce multi-factor authentication for access from outside the corporate network in addition to single sign-on (see graphic).
Single sign-on for browser-based applications (cloud and on-premise)
Different authentication options
Different user store integration scenarios
Cloud-based service for identity lifecycle management
Manage users, roles, and groups in cloud and hybrid landscapes
Based on the SCIM industry standard
Centralized management of risk and compliance for on-premise and cloud
Reduced role management complexity through streamlined design and governance
Policy-driven workflow processes for access management and certification
Moving away from on-premise systems to cloud applications – the system landscape of companies is in a state of transition. This poses immense challenges for processes and IT security.
The integration between the Microsoft and SAP world poses great challenges for many companies. The different systems should not only communicate with each other, but also share, transfer and process data.
Automate your Identity Management processes in the cloud. Use the new SAP Cloud Identity services (Identity Provisioning and Identity Authentication) to establish an interface for all your cloud systems.
Simply complete the form and submit it. We will get back to you as soon as possible.
Identity lifecycle management is part of enterprise security and describes all processes for assigning roles and authorizations − from when an employee joins the company, through changing responsibilities or even department changes, to when he or she leaves.
SAP Identity Management focuses on the traceable management and consistent distribution of digital identities throughout their lifecycle – assignment, repeated adjustments, deletion.
SAP Single Sign-On enables end-to-end authentication against SAP and non-SAP applications. Central management of access data increases security, as only one user ID is required for all applications.