Skip to Content
Author's profile photo Murali Shanmugham

Setting up Authentication for Cloud Portal using Cloud Identity – IV

This blog is part of a series which is related to setting up Cloud Identity to authenticate Cloud Portal in different scenarios.

Setting up Authentication for Cloud Portal using Cloud Identity

Part 1 – Setting up SCI as IdP for a vendor facing Cloud Portal

Part 2 – Using Social Identity Providers to access Cloud Portal

Part 3 – Setup Self-registration form

Part 4 – Manage Cloud Portal Catalogs and roles

Part 5 – Mapping of groups between SCI and Cloud Portal

Part 6 – Setup 2FA for Cloud Portal access

In the previous blogs, we had a look at how to use Social Media login to gain access to SAP applications using SCI. In this blog, I am going to show how you can manage and assign Portal roles based on the way in which the user profiles are created in SCI. The Cloud Portal (based on Fiori Launchpad) has catalogs and groups which contain the applications. These applications are shown as tiles to the user. Based on the user logging into the Portal, relevant tiles will be displayed to them via the corresponding catalogs/groups. I am going to take an example of two roles – Employee and Manager.

Create a Portal Site

The first step is to create new Portal site using the Portal Service.


Provide a name as Self-Service and select the template “SAP Fiori Launchpad”


From the menu, select “Catalog” and create two catalogs – one for Employee and another for Manager.


Add two new roles – Employee and Manager and assign them to the respective users as shown below


I have created two test users – One for Employee and the other for Manager in SCI. Notice that I have assigned SCI User P000030 with the HCP employee role


You will be presented with the Tiles relevant for employee roles. Notice the corresponding SCI User ID – P000030 (which represents the employee user)


In the next blog, we will see how to use SCI to map these user roles.

Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.