Skip to Content
Author's profile photo Gali Kling Schneider

Social Sign On is Here

Logging on to SCN is about to get a lot easier!

I’m happy to share that on Monday, April 29, Social Sign On with Twitter will be available. Yes, all members who tweet can link their twitter handle and password with their SCN account. This will make life easier by having one set of log in details to remember. In addition, it will also allow you to log into twitter in the morning and surf SCN throughout the day! Sounds great, right? So how can you do it? Here’s how:

Before logging in, check out the new light blue button on the bottom “Log On with Twitter”:

Social Enabled Log On.jpg

Once pressed, fill in your twitter details and then you’ll see the following screen:

Post Twitter Authentication Link Accounts.jpg

Now enter your SCN email/ ID/ User Name and password and that’s it!

Account Successfully Linked.jpg

The accounts will have been linked and the next time you log in you can use your twitter credentials!

New members, who click on log on with twitter, will be able to create a new account and the twitter data will be displayed in the new user registration form.

We are working on providing additional Social Sign in options to further enhance the ease of member log in. We can look forward to Facebook next, followed by LinkedIn and Google+.

This is a first step in simplifying engagement on SCN, as part of Project Ignite. logo_ignite_Final.gif

Assigned Tags

      52 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Frank Koehntopp
      Frank Koehntopp

      OMG that's AWESOME (provided it works... 😉 )

      So that's the official capitulation of the ID Service to Twitter/Facebook, or SAML to oAUTH? 😀

      Author's profile photo Former Member
      Former Member

      I hope it works, too! We've tried a variety of sign-on (persistency, social, etc.) over the past several months and there have been challenges that forced us to adjust on the fly... I'm hopeful on this one.

      Author's profile photo Former Member
      Former Member

      Great stuff Gali!  We've been talking about and planning for this for a long time, but excited to finally be here!  Thanks to Charles Carney for the SSO and SAP ID Services work in the background.  We're starting with Twitter out of the gate, but following up with Facebook, LinkedIn, and others shortly.

      Author's profile photo Matt Harding
      Matt Harding

      This sounds great Gali. Just to check - Will this work with remember me and help at all with stopping the pop-ups for SAP certificates that aren't linked with SCN accounts (like mine)? I'm happy to use any style of login (even yahoo) if it avoids me pressing login, and clicking cancel on certificate prompts!

      Cheers,

      Matt

      Author's profile photo Oliver Kohl
      Oliver Kohl

      Hi Matt,

      the certificate popup is a known issue with our current load balancer software and it is being worked on as we speak (which of course does not mean it gets fixed anytime soon...).

      Best,

        Oliver

      Author's profile photo Former Member
      Former Member

      Hi, Gali,

      this is great.

      As China social media has huge number of registrations, I'm wondeirng whether Sina Weibo (500M+), Tencent WeChat(300M+) and Renren(200M+) will be considered in the next phases.

      cheers

      Shengtao

      Author's profile photo Gali Kling Schneider
      Gali Kling Schneider
      Blog Post Author

      Hi Shengtao,

      We are certainly taking into account Chines social media 🙂

      However the timelines are still unknown as well as which will/won't be integrated.

      Best, Gali

      Author's profile photo Former Member
      Former Member

      Hi, Gali

      Many thanks. Please kindly let me know should you need any informaton or language support from us.

      Cheers

      Shengtao

      Author's profile photo Anthony Mendes
      Anthony Mendes

      I agree with Matt Harding, currently my log in always pops up with the SAP certification.

      Also, will I be able to update the twitter handle on the my profile page, just like details such as email or am I asking for too much 😐 !

      Will have to wait for D-Day Monday, April 29 to check it out ...

      Thanks Gali, this is welcome feature. 

      Author's profile photo Jeanne Carboni
      Jeanne Carboni

      Hi Anthony,

      You should be able to edit your twitter handle. Go to your profile, scroll down until you see "Edit profile/privacy" on the right hand side. Then it will take you to an editable version of your profile.  Twitter handle can be edited as an instant messager option. 

      Email is not editable, as the email account is tied to the SCN account.

      Jeanne

      Author's profile photo Anthony Mendes
      Anthony Mendes

      Hi Jeanne,

      Thank you for the instruction. I have now linked my twitter handle to my profile.

      Tony

      Author's profile photo Jeanne Carboni
      Jeanne Carboni

      Congrats, Anthony!

      Author's profile photo Jeanne Carboni
      Jeanne Carboni

      I've tested this out in QA on my SAP laptop through Chrome, and also on my home PC though Chrome and it worked really well. 

      Nice job Charles Carney and Gali Kling Schneider!

      Jeanne

      Author's profile photo Frank Koehntopp
      Frank Koehntopp

      Hi Jeanne,

      how did you manage to prevent being logged in with the certificate? I'd love to try this, but the certificate is always first 😉

      Author's profile photo Steve Rumsby
      Steve Rumsby

      I was just about to ask the same question 🙂

      Author's profile photo Steve Rumsby
      Steve Rumsby

      I deleted the certificate from my Keychain, after exporting it first, obviously. If only Twitter login credentials worked for Service Marketplace too, I wouldn't need to put the certificate back... 🙂

      Steve.

      Author's profile photo Charles Carney
      Charles Carney

      Hi Steve and Frank,

      Since you reference Keychain, I assume that you both work on a Mac.  Safari automatically takes the certificate and we cannot do anything about that.  If you use Chrome, you should be prompted for your certificate where you can cancel.  Everything else should function after that.

      Thanks,

      Charles

      SAP ID Service Product Owner

      Author's profile photo Steve Rumsby
      Steve Rumsby

      Chrome doesn't give me the option to cancel a certificate login, which is why in the end I deleted the certificate to try this out! It was at least easy to delete and easy to put back.

      Steve.

      Author's profile photo Jeanne Carboni
      Jeanne Carboni

      Hi Frank Koehntopp,

      I use Chrome and reject the certificate. I also use my home computer sometimes for tests.

      Jeanne

      Author's profile photo Frank Koehntopp
      Frank Koehntopp

      Hrmph.

      Chrome would also automatically log me in, so I tried in an incognito window.

      There I authenticated to Twitter and was asked for user/password. That took a while, not sure when I used that last time 😉

      Then a message popped up: "couldn't update user with ID Dxxxxx"

      Any ideas?

      Frank.

      Author's profile photo David Clavey
      David Clavey

      Great idea, 🙂

      Author's profile photo Jitendra Kansal
      Jitendra Kansal

      Wow..this is really awsome 🙂

      Author's profile photo Jeanne Carboni
      Jeanne Carboni

      Hi,

      Anthony Mendes, I need to clarify.

      When you updated your profile with your twitter handle, that did not give you the twitter social sign on that Gali describes in this blog. It just gives people your twitter account information.

      Gali informed me this morning that twitter social sign on will only be available later today, so please try it again tomorrow. Gali's screen shots and instructions give the complete picture on how to set it up.

      Best regards,

      Jeanne

      Author's profile photo Charles Carney
      Charles Carney

      Hi Anthony and Jeanne,

      The Twitter log on is now available.  By the way, updating the SCN profile does not link the account to log on with Twitter.  To link the Twitter account, please start at the log on page.

      Thanks,

      Charles

      SAP ID Service Product Owner

      Author's profile photo Steve Rumsby
      Steve Rumsby

      When I try this I don't see the light blue "Logon with Twitter" button. Am I missing something?

      Steve.

      Author's profile photo Gali Kling Schneider
      Gali Kling Schneider
      Blog Post Author

      The deployment was completed now Steve, please try again 🙂

      Author's profile photo Steve Rumsby
      Steve Rumsby

      That's better, but still not perfect. I logged in first with Twitter but the screen did not change to one with a "Link accounts" button. I had to close the page and re-open it to get that. Then the "Link accounts" process took a very long time - long enough to make me think it had failed. I was close to closing the browser and trying again.

      After that it did indeed login without the need for a username and password. Until I closed the browser and re-opened it. Even though Twitter logs me in without asking for username/password SCN still needs me to clock the "login" button. No need for username/password, but I thought I could avoid even clocking "login". Did I misunderstand?

      Steve.

      Author's profile photo Steve Rumsby
      Steve Rumsby

      Is there a way to unlink my SCN and Twitter accounts?

      Steve.

      Author's profile photo Charles Carney
      Charles Carney

      Hi Steve,

      The screen did not refresh because we did not get a response from Twitter.  Unfortunately, Twitter is currently over capacity. 

      You can unlink your account in your SAP ID Service profile by going to https://accounts.sap.com/.  There is a Social Sign On section, where you can edit your linked accounts.  Click on edit then unlink to unlink your account.

      Thanks,

      Charles

      SAP ID Service Product Owner

      Author's profile photo Steve Rumsby
      Steve Rumsby

      Thanks Charles. I've gone back to certificate-based login for now. If social sign-on doesn't avoid the need to click the login button occasionally, I don't see any benefits over certificate login.

      Steve.

      Author's profile photo Charles Carney
      Charles Carney

      Hi again Steve,

      Have you tried using your log on credentials and the Remember me on the log on?  There will be at least only one click instead of two in the certificate log on.

      Charles

      Author's profile photo Steve Rumsby
      Steve Rumsby

      Once I hit the login link on the main page, certificate login proceeds with no further intervention. I certainly don't need to click twice, like I know other people do. It isn't a major problem for me, but I thought the social sign-on might avoid even that one click (after all, twitter doesn't ask me to login, even with remembered credentials - it just goes straight to my home page). Since it doesn't, and since I need certificate login for other things, I'll just stick with it for now.

      Thanks,

      Steve.

      Author's profile photo Chris Paine
      Chris Paine

      You might want to try using the Twitter Authenticate API rather than the Authorize API - otherwise users will get prompted by twitter every time they sign in - which isn't good.

      https://dev.twitter.com/docs/api/1/get/oauth/authenticate

      And as it's the IDP service which has implemented twitter authentication not SCN (correct me if I'm wrong but looking at the network traffic from my browser it seems the login is from the IDP and provide SAML responses to SCN) - we still have to deal with the huge delays on login due to the multiple SAML roundtrips. I regularly have to wait minutes for a response from accounts.sap.com  🙁

      But as a big fan of OAuth and where it can take you, (i.e. away from SAML) then this is great 😉

      Cheers,

      Chris

      Author's profile photo Charles Carney
      Charles Carney

      Hi Chris,

      Thanks for the feedback!  Today is a public holiday in German so we will have a look at that API tomorrow. 

      I personally investigated and the wait times that you reference above.  All of the SAML authentication is completed in average of .7 seconds and returned or accounts.sap.com is waiting to "deliver" the response.  We are working with the SCN development team on this issue.

      Thanks,

      Charles

      SAP ID Service Product Owner

      Author's profile photo Chris Paine
      Chris Paine

      Thanks for following up Charles,

      I was going to trace the SAML exchange to give you an example of the bad delays - but of course today it's working super fast 🙂 I think it must be some network latency issues with me being in Australia and the network not being super responsive. Although I did get a 2.1min response for a POST to accounts.sap.com yesterday (I should have taken a screen shot of the Chrome network "graph" as you'll never believe me (I wouldn't if I were you 😉 ). And mobile logins on my Nexus4 take a very long time (although I haven't traced why this is yet may well have nothing to do with the IDP part or just due to the patchy network whilst I ride to work on the tram.

      Hope you had an enjoyable Labour Day Holiday!

      Will you be publishing the details of how to leverage the Social login capability of the IDP (for use in SAP HANA Cloud applications for example)? Or is it just plug and play ( I can imagine there must be some kind of switch/parameter to enable it?) But that's probably a different blog!

      Thanks again for following up.

      Chris

      Author's profile photo Steve Rumsby
      Steve Rumsby

      Funny you should mention the Nexus 4. Exactly the same happens on both my Nexus 4 and Nexus 7. Following a link to an SCN blog takes an age. So long that usually I give up before it completes. Shame it can't redirect to the mobile Jive interface which uses a different login method that works very quickly...

      Steve.

      Author's profile photo Charles Carney
      Charles Carney

      Hi Steve,

      Mobile authentication is one of the major themes on which we are working.  I will reach out to both of you once we have something available for Android devices.  Do either of you have an iOS device?

      Charles

      Author's profile photo Steve Rumsby
      Steve Rumsby

      I'm not a regular iOS user, but I have an iPod Touch I can get my hands on easily.

      Steve.

      Author's profile photo Chris Paine
      Chris Paine

      Hi Steve,

      on the Nexus devices there is an issue with Chrome and sites that use certificate pop-ups (functionality existed in old browser but not in Chrome)

      https://code.google.com/p/chromium/issues/detail?id=170110

      This issue is fixed in the current Beta Chrome build:

      https://play.google.com/store/apps/details?id=com.chrome.beta

      Now you can browse SCN again on the way to work 😉

      Cheers,

      Chris

      PS - it took me about 2hrs of debugging and research to figure that out!

      Author's profile photo Steve Rumsby
      Steve Rumsby

      Excellent! Certificate login on my Nexus device. I've been wanting to make this work for ages but could never bring myself to do the low-level debugging work. Good job you're around 🙂

      Thanks Chris!

      Author's profile photo Steve Rumsby
      Steve Rumsby

      The latest update to the non-beta Chrome for Android supports certificates. The world is a better place:-)

      Steve.

      Author's profile photo Midhun VP
      Midhun VP

      That's awesome. In the last few days I found big changes in SCN. Now I am addicted to SCN.

      Author's profile photo Former Member
      Former Member

      I'm especially hopeful seeing Charles connecting with Steve and Chris on this topic. Three experts collaborating on a solution can only mean good things...

      Author's profile photo Kavindra Joshi
      Kavindra Joshi

      Tried this and it works. Seems SCN is delivering the features one at a time. Looking forward to more of such features.

      ~Kavindra

      Author's profile photo Former Member
      Former Member

      Social Login!!! Dreamed about that. So cool, it´s been made possible! 🙂

      Any plans to enable login via LinkedIn in step 2?

      "LinkedIn enjoys substantial popularity on sites that cater toward business professionals, with as many as 80% of business professionals choosing to log in with their LinkedIn identity on some B2B websites." Source

      Author's profile photo Charles Carney
      Charles Carney

      Hi Thomas,

      We are in the process next of delivering Facebook integration next.  After that is completed, we will deliver LinkedIn integration.

      Thanks,

      Charles

      Author's profile photo Chris Paine
      Chris Paine

      After FB surely Google would make sense? (personal preference here!) 😉

      I note also that the Twitter OAuth API used is still "Authorize" not "Authenticate".  I really think that using FB as a login service should use the Authenticate API if it is supposed to be a "login with twitter" type service.  See https://dev.twitter.com/docs/auth/implementing-sign-twitter for an example.

      Author's profile photo Charles Carney
      Charles Carney

      Hi Chris,

      We are investigating the Twitter Authenticate API.  We will not be able to make any changes on production until after Sapphire, which is next week.

      Thanks,

      Charles

      Author's profile photo Chris Paine
      Chris Paine

      Thanks Charles,

      I look forward to seeing SAP ID Service provide many more social sign-on options in the future.

      Author's profile photo Steve Rumsby
      Steve Rumsby

      Facebook is a "personal use only" thing for me. In particular I don't use it to authenticate to any other services. Google+ makes more sense to me too. That said, Twitter is my first preference for this sort of thing, and you've already done that!

      Author's profile photo Former Member
      Former Member

      Thanks for the insights on the roadmap, Charles. Looking forward to it.

      Author's profile photo Goran Peuc
      Goran Peuc

      Wait, so this does not remove the need to have SAP ID account to begin with? This just enables you to link Twitter account to existing SAP ID?

      I don't get what is the actual use then, since in most cases my SAP ID, or SSO will log me in in any case. What is the benefit of having additional log in method that basically requires me to have another log in method as well. After all, entering email/password for Twitter is not all the different than entering email/password for SAP ID. Right?