SAP Knowledge Base Article - Public

2238736 - SuccessFactors SAML2 Single Sign-On

Symptom

  • What Is Single Sign-On?
  • How Does SAML2 Work?

Environment

SAP SuccessFactors HCM Suite

Resolution

What Is Single Sign-On?

Single Sign-On (SSO) is a property of access control of multiple related, but independent software systems. With this property, a user logs in once and gains access to all systems without being prompted to log in to each of them.
SuccessFactors offers a number of SSO options to allow users to access the application without entering their SuccessFactors username and password. This document describes the SAML2 option.

How Does SAML2 Work?

SSO generally takes place between two parties. The Identity Provider (IdP) has information to authenticate the users and generate SSO logins. The Service Provider (SP) offers a service that is accessible using your SSO. The SP must be able to accept customer-generated SSO logins and identify the user who you want to log in. This document covers the SAML2 SSO standard. In general, any SAML2 SSO software should work with the SuccessFactors application. We support the following SAML2 protocols:

  • IdP-initiated where a user starts the process internally
  • SP-initiated where a user starts the process by attempting to connect to SuccessFactors

The processes look like this:

Identity Provider (IdP) Initiated SAML Single Sign-On

IDP.PNG

Service Provider (SP) Initiated SAML Single Sign-On

SP.PNG

Keywords

SAML2, Single Sign-On, SSO, SAML v2, IDP, SP , KBA , LOD-SF-PLT-SAM , SAML SSO First Time Setup , How To

Product

SAP SuccessFactors HCM Suite all versions