2088863 - SSO: Using multiple domains

SAP Knowledge Base Article - Public

2088863 - SSO: Using multiple domains

Symptom

  • Does SuccessFactors support acessing instances from multiple locations and systems?
  • Customer has multiple locations and systems but wants to implement SSO for everyone.

Environment

 
SuccessFactors Platform / BizX.
 

Resolution

SuccessFactors does support multiple domains, but the configuration varies according to the login method that you are using. See:

  • Token, Md5, Md5/Base64, Sha1, DES, 3DES: You can send the logins from as many places as needed. However, they will all need to use the same method and same keys;
  • SAML: Multiple asserting parties are allowed upon proper configuration, see KBA 2370144 for more information.

There are a couple of settings that you need to observe to have this working as expected, please be aware of the following:

  • IP restriction: For any method, if you have IP address restrictions turned on in Provisioning, this will limit the login source locations;
  • Redirects: We have a limit on the SSO redirects. We only have one set of those for any given action. For example, on "Invalid Login" all users will be redirected to the same page no matter where they logged in from. You would need to put all the needed information on this one page for "Invalid Login" that any global user might need to know. For a list of all the actions we support, please refer to this KBA 2278269.

Keywords

Login, multiple domain, Token, Md5, Md5/Base64, Sha1, DES, 3DES, SSO, SAML, redirect, ip restrictions, multiple asserting parties. , KBA , sf sso , LOD-SF-PLT-SSO , Single Sign-on , LOD-SF-PLT-SAM , SAML SSO First Time Setup , How To

Product

SAP SuccessFactors HCM Core all versions