SAP Knowledge Base Article - Public

2707915 - Non-SSO instances - Enforce POST Login - BizX Platform


Customers can no longer access their instance in the same way as before. This is because GET Login Method has been retired

"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."


SuccessFactors BizX Platform


Some customers in non-SSO instances have built their Usernames and Passwords into their Login URL's and then bookmarked them so that they could access SuccessFactors with a single click


This type of URL invokes GET login method which is insecure as the variables are built into the URL


As of 1811 Release, we will retire non-SSO GET method for SuccessFactors login and enforce POST login method to protect customer's sensitive data

Customers who still use the GET method login with username and password embedded in the login URL will be redirected to the login page with an error message. Users have to input username and password manually for a successful login

Why is it important?

GET login is not secure and puts customers sensitive data at risk. The POST login method is more secure and protects customers sensitive data


If customers used to use GET method login to do system integration with non-SSO, they should change the integration from GET to POST accordingly to avoid the login page redirection


Retire GET method, Enforce POST, Non-SSO login , KBA , LOD-SF-PLT , Foundational Capabilities & Tools , LOD-SF-PLT-LPG , Log In Page Issues (Non SSO) , Product Enhancement


SAP SuccessFactors HCM Suite all versions