SAP Knowledge Base Article - Preview

2656742 - How to Setup Trust for Corporate Identity Provider in SAP Cloud Identity Service


You would like to setup Service Provider Trust in SAP Cloud Platform Identity Authentication Service. In this scenario Identity Authentication acts as a proxy to delegate the authentication to the corporate identity provider.

In this context, Identity Authentication can use a SAML 2.0 identity provider as an external authenticating authority. Identity Authentication thus acts as a proxy to delegate authentication to the external corporate identity provider. The requests for authentication sent by a service provider will be forwarded to the corporate identity provider.

As an identity provider proxy, Identity Authentication will act as an SAML 2.0 identity provider to the service provider, and as an SAML 2.0 service provider to the corporate identity provider. Once a user is authenticated at the corporate identity provider, successive authentication requests from service providers, which use the same corporate identity provider will not be forwarded to it as long as the session at Identity Authentication is active. Identity Authentication will issue assertions based on the user data received during the first authentication.



SAP Cloud Identity Authentication Service


Corporate Identity Provider, SAP Cloud Identity Authentication Service, SAP Cloud Identity Service, SAP Cloud Identity, SCI, Trust, Setup, Setup Trust, Service Provider, SP, Service Provider Trust, Build trust, Trust between Corporate Identity Provider and SAP Cloud Identity Service,Trust between Identity Provider and Corporate Identity Provider , KBA , BC-IAM-IDS , Identity Authentication Service , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.