There is a need to setup Service Provider Trust in SAP Cloud Platform Identity Authentication Service. In this scenario, Identity Authentication acts as a proxy to delegate authentication to the corporate identity provider.
In this context, Identity Authentication can use a SAML 2.0 identity provider as an external authenticating authority. Identity Authentication thus acts as a proxy to delegate authentication to the external corporate identity provider. The requests for authentication sent by a service provider will be forwarded to the corporate identity provider.
As an identity provider proxy, Identity Authentication will act as a SAML 2.0 identity provider to the service provider, and as a SAML 2.0 service provider to the corporate identity provider. Once a user is authenticated at the corporate identity provider, successive authentication requests from service providers, which use the same corporate identity provider will not be forwarded to it as long as the session at Identity Authentication is active. Identity Authentication will issue assertions based on the user data received during the first authentication.
SAP Cloud Platform Identity Authentication Service
Corporate Identity Provider, SAP Cloud Identity Authentication Service, SAP Cloud Identity Service, SAP Cloud Identity, SCI, Trust, Setup, Setup Trust, Service Provider, SP, Service Provider Trust, Build trust, Trust between Corporate Identity Provider and SAP Cloud Identity Service, Trust between Identity Provider and Corporate Identity Provider, SAP Hana Cloud Platform Identity Authentication Service , KBA , BC-IAM-IDS , Identity Authentication Service , How To
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.