SAP Knowledge Base Article - Public

2396645 - SSO- Setting up SP Initiated Login


  • How do I setup SP Initiated Login
  • What settings do I need in Provisioning
  • What are the best practices for SP Initiated Login settings


  • BizX
  • Bizx Platform



In order to setup SP Initiated login, we need to know values for:

  • Default Issuer :
    If you have more than one asserting party, which asserting party will be the default for SP-Initiated ? (only one can be set here)
  • single sign on redirect service location (to be provided by IdP)
    Which URL to send the SP Authentication request to.
    Typically this is provided by the IdP. It could be in the metadata file provided already (under SingleLogoutService section)
  • Send request as Company-Wide issuer 
    What EntityID to send in the authentication request. This needs to match the setup on the customer end. Setting value to No sends the generic value for the datacentre, and Yes sends the value with the company ID.
    For example, if they setup their system to recognize the SP using “” then our authentication request SAML message needs to contain the same value, so we set it to No.
    If we want to send “” then we set it to Yes.

Setting up SP Login.png

SP Signing certificate needs to be used from Success Factors, otherwise the IDP system might reject the SP initiated login request



  • SAML
  • SAML2
  • Service Provider
  • Identity Provider
  • Single Sign On
, KBA , LOD-SF-PLT , Foundational Capabilities & Tools , LOD-SF-PLT-SSO , Single Sign-on , How To


SAP SuccessFactors HCM Core all versions