Large corporate enterprise typically span the globe with offices in multiple locations. Therefore, It is not unusual to find, that your cloud tenants are also scattered around the world. Perhaps with a SuccessFactors license based in the US, and your HANA Cloud Platform based in Europe.
In this case, what happens when you want to perform an automatic binding?
Automatic binding will result in you receiving a new tenant, based on a SuccessFactors trial license.
Annoying, right? So, what do we do now? How do we start consuming Data from our SuccessFactors installation when the 2 systems are standing in separate corners of the room, with their arms crossed – occasionally sending each other angry stares?
I myself have been struggling with this, and am here today to share my experience with setting up the connection, so Data can be consumed from SuccessFactors, in your HANA Cloud Platform. It’s not simple, but it can be done for sure!
For this guide, you will need:
In this guide, we will focus on pulling data from SuccessFactors through a technical user, since we won’t do the integration in the other direction just yet (See a later guide for this). To keep the integration as simple as possible, we shall do it this way for now.
First we must prepare SuccessFactors to share its data with HANA Cloud platform.
This consists of 2 steps:
Firstly, log on to your SuccessFactors Provisioning section and go to the company you wish to connect to. Note down the Company ID (in the second column on the Provisioning overview page) – you will need it a lot for this configuration guide.
Also, note down the URL to the SuccessFactors tenant you are connecting to. This could be (for example) https://performancemanager5.successfactors.eu - or any of the other tenants in the Successfactors cloud.
Firstly, (under the company which you want to connect to) go to Company Settings, and create yourself an Administrative User (Search for “Create Admin”).
While here, you can also enable the “SF Web service” service as well.
Next, log into the SuccessFactors tenant as the Admin user you created, and assign roles to yourself. The more roles, the more data you can access in SuccessFactors.
In order to initiate the trust with HANA Cloud Platform, the individual apps under HCP must be trusted. This is accomplished in SuccessFactors Provisioning, under the menu link “Authorized SP Assertion Consumer Service Settings”.
Click on “Add another Service Provide ACS” – and add the following information:
Assertion Consumer Service: https://webide-<your HCP Tenant ID>.hana.ondemand.com/portal/extensions/sfsf/index.html
Logout URL: https://authn.hana.ondemand.com/saml2/sp/slo/<your HCP Tenant ID>/<your HCP Tenant ID> - (yes, it must be there twice)
Audience URL: https://hana.ondemand.com/<your HCP Tenant ID>
This information, can also be found by logging on to your HANA Cloud Platform, and selecting “Trust” on the left-hand navigation. Under Local Service Provider, you can download the Metadata file, and the paths can be found under the properties ns3:SingleLogoutService and ns3:AssertionConsumerService.
Now that you are here (Successfactors Provisioning / Service Provider ACS) - You can prepare your SucccessFactors tenant for consuming apps from your HANA Cloud platform, by adding another Service Provider ACS, with the URL: https://cloudnwcportal-<your HCP Tenant ID>.hana.ondemand.com/portal/extensions/sfsf/index.html for Assertion Consumer Service – as this will allow calls from HANA Cloud Portal, which is used to connect to apps from Successfactors.
Next, We must set up HANA Cloud Platform so it will trust SuccessFactors to send Data to it. This consists of 2 steps:
Firstly, download the SAML 2.0 Metadata file from this URL:
https://<SF URL>/idp/samlmetadata?company=<company ID>
From your HANA Cloud Cockpit, Click Trust, and then click “Add Trusted Identity Provider”.
In the screen that pops up, upload the Metadata file you downloaded before, and the result should look somewhat like this:
Name: https://<SF URL>/sf/idp/SAML2/company/<company ID>
Description: Successfactors IDP
Assertion Consumer Service: Application Root (default)
Single Sign-on URL: https://<SF URL>/sf/idp/SAML2/SSO/POST/company/<company ID>
Single Sign-on Binding: HTTP-POST
Single Logout URL: https://<SF URL>/sf/idp/SAML2/slo/POST
Single Logout Binding: HTTP-POST
Signature Algorithm: SHA-1
Signing Certificate: <a long incomprehensible string of scrambled encryption key>
User-ID Source: Subject
Source Value: <blank>
User ID Prefix: <blank>
User ID Suffix: <blank>
Enabled: <Checked>
Only for IDP-Initiated SSO: <blank>
Remember to save the results.
From your HANA Cloud Cockpit, click Destinations, and then click “New Destination”, then fill out the parameters as follows:
Name: sap_hcmcloud_core_odata
Type: HTTP
Description: SuccessFactors Core OData API
URL: https://<SF API URL>/odata/v2/ - You can find the corresponding API URL to your Successfactors tenant, by going here: http://help.sap.com/saphelpiis_cloud4hr/EN/SuccessFactors_HCM_Suite_OData_API_Reference_en/frameset....
Proxy Type: Internet
Authentication: (For this simple development scenario, we shall choose) BasicAuthentication
User: <the user you set up in successfactors>
Password: <Password of the user you set up in successfactors>
Additional Properties:
TrustAll = true
WebIDEEnabled = true
WebIDESystem = sap_hcmcloud_core_odata
WebIDEUsage = odata_abap,dev_abap,ui5_execute_abap
Then click save, and your destination will be ready to be consumed from HTML5 and Java Apps.
So, there you have it - the trial account you received, while trying to do the automatic configuration, can be safely ignored!
In the next part (Part 4) of the series, I will explain how to start consuming data from Successfactors, by creating your first Hello World Application, which will be showing data from Successfactors.
You can go back to part 3 of my series here:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
6 | |
6 | |
5 | |
4 | |
4 | |
3 | |
3 | |
3 | |
3 | |
3 |