SAP Cloud Identity Services
SAP Cloud Identity Services are our central solution for managing authentication, single sign-on, and the identity lifecycle. They improve system integration, provide a seamless user experience, and enhance security and compliance.
Explore how identity and access management (IAM) software from SAP supports building successful system integrations in cloud and hybrid environments. With SAP Cloud Identity Services and well-established IAM related industry standards, SAP improves system integration and helps provide a seamless user experience while also improving security and compliance.
Check out our new IAM reference architectures now available in SAP Discovery Center. They describe the authentication and identity lifecycle flows for SAP applications via SAP Cloud Identity Services; and how the different authorization technologies within the SAP portfolio can be used from a central point for the identity lifecycle.
The Identity Authentication service of SAP Cloud Identity Services can act as a proxy to delegate authentication to your corporate identity provider. Explore the technical aspects of integrating IBM Security Verify with SAP Cloud Identity Services.
With the new Authorization Management service, administrators can assign access based on policies centrally within SAP Cloud Identity Services. An access policy allows a user to perform certain actions on a resource, subject to restricting rules. These rules can be adapted by administrators so that policies fit company requirements before being assigned to users.
The integration of SAP Cloud Identity Services with SAP Concur solutions offers a more streamlined and secure system landscape. By leveraging SAP Cloud Identity Services, you can benefit from a centralized security for authentication and access to all SAP business applications with a single click. Overall, this enhances the Identity Access Management solution capabilities for SAP Concur solutions.
Check out two recent product updates for the Identity Provisioning service. You can now manage the history of transformations, review and restore them to a previous version, as well as download a specific one. And it is now required to re-enter credentials whenever you change the URL or the host name of a provisioning system.
Developers can define and deploy applications that support authorization policies, including functional checks, instance-base authorizations, and user attributes. The authorization policies are available in the SAP Cloud Identity Services administration console where administrators can assign them to users and thus manage user access to resources.
Learn more about how to integrate SAP Cloud Identity Services with SAP Build Work Zone. We will explain the different trust setups you typically encounter when setting up SAP Build Work Zone or SAP SuccessFactors Work Zone.
Overview
SAP Cloud Identity Services are SAP’s central cloud IAM services for authentication, single sign-on, and identity lifecycle. SAP solutions integrate with SAP Cloud Identity Services and reuse its functionality where possible.
Authentication is delegated to Identity Authentication. User information is either directly read from the Identity Directory or the solution’s user store is integrated with SAP Cloud Identity Services via SCIM-based user provisioning. Newly built applications will use the Authorization Management service for policy-based authorization checks.
This standardizes the IAM setup, reduces duplicate functionality, and gives customers a clear setup and central IAM configuration and access point.
Solution overview presentation
Evolving Identity Authentication and Identity Provisioning into SAP Cloud Identity Services
SAP Cloud Identity Services – Why and How to Integrate Them for a Consistent Identity Lifecycle
Identity Authentication
Identity Authentication is a cloud service for authentication, single sign-on, and user management in SAP cloud and on-premise applications. It can act as an identity provider itself or be used as a proxy to integrate with an existing single sign-on infrastructure.
Identity Provisioning
Identity Provisioning offers a comprehensive, low-cost approach to identity lifecycle management in the cloud. It helps you provision identities and their authorizations to various cloud and on-premise business applications.
Identity Directory
The Identity Directory is the central component for persisting users and groups inside the SAP Cloud Identity Services. Using the Identity Directory not only simplifies the process of ensuring a proper user lifecycle, but also lays the foundation for integration with SAP cloud applications.
Authorization Management
The Authorization Management Service allows administrators to assign access based on policies centrally within SAP Cloud Identity Services. An access policy allows a user to perform certain actions on a resource, subject to restricting rules. These rules can be adapted by the administrator so that policies fit company requirements before being assigned to users.