SAP Knowledge Base Article - Public

2674232 - Configuring SSO between IAS Tenant and BizX Instance - BizX Platform


 How to configure SSO between IAS Tenant and BizX Instance

"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."


 SuccessFactors BizX Platform


SAML Communication.png

Initial Steps:

  • Support creates and attaches metadata file of customers BizX Instance to incident for configuration on IAS side.
  • Get IAS metadata file from customer for configuration on BizX Provisioning side.

IAS Configuration:

IAS Configuration.png

  • Support Engineer needs to configure / troubleshoot through a screenshare session as the customer has the access to their IAS tenant.
  • Applications > +Add > Name your Custom Application > click on SAML 2.0 Configuration to enter metadata file from BizX

IAS Configuration2.png

  • Browse to your saved metadata file and import
  • It will auto-populate the required fields highlighted in the screenshot across
  • These fields include the Identifier, ACS (Reply) URL, Signing Certificate and the Secure Hash Algorithm
  • With IAS, we can now leverage SHA-256 whereas before, we were limited to SHA-1
  • SHA-256 offers improved security and is one of the main drives behind moving to IAS

Retrieving IAS metadata file for BizX configuration:

Retrieving IAS metadata file for BizX configuration.png

  • Tenant Settings > SAML 2.0 Configuration > Download Metadata file

BizX Configuration: IDP-Initiated Login (Bizx Config done by Support / Partner who has access to Provisioning)

BizX config1.png

  • Asserting Party Name can be anything. IAS_COMPANYID for example
  • Issuer from IAS metadata
  • Certificate from IAS metadata
  • The Idp is signing the Assertion so we set to ‘Assertion’
  • Enable SAML Flag always set to ‘Enabled’
  • Enforce the Signing certificate expiry set to ‘Yes’

BizX Configuration: SP-Initiated Login

BizX config2.png

  • Same as IDP-Initiated Login covered above but with the added configuration of the SP-Initiated areas as shown
  • Search IAS metadata file for the SingleSignOn and SingleLogout URL’s


 IAS, IAS Tenant, SSO, SSO Integration between IAS Tenant and BizX , KBA , LOD-SF-PLT , Foundational Capabilities & Tools , LOD-SF-PLT-SEL , SSO Errors & Logs , LOD-SF-PLT-SAM , SAML SSO First Time Setup , How To


SAP SuccessFactors HCM Suite all versions