Enabling the SAML 2.0 Service Provider in SAP NetWeaver ABAP

When we integrate SAP NetWeaver ABAP with identity providers, we need to perform several activities on SAP NetWeaver ABAP system and identity provider system. Enabling the SAML 2.0 service provider is one of the very crucial activities, which we need to perform on SAP NetWeaver ABAP System.

When I was performing integration activity between SAP NetWeaver ABAP system and identify provider, I need to do reference multiple documentation from help.sap.com and sap integration guides. I am writing this blog to cover this topic and make simple enabling the SAML 2.0 Service Provider in SAP NetWeaver ABAP. Use this procedure to enable SAML 2.0 support in SAP NetWeaver ABAP system and make basic configurations for a SAML 2.0 service provides.

Start the transaction code SAML2 on SAP system

Choose the Enable SAML 2.0 Support

Select “Create SAML 2.0 Local Provider”

Give service provider name and click Next Button. Here you can give any logical name.

Select default and choose Next Button

Select default setting and choose Finish Button. Once wizard finish, you will see following screen.

You can download metadata from this screen and send it to Identity Provider team. Once Identity Provider team send you a metadata file, you need to upload metadata to trusted provider tab.

You need to activate following two ICF services as part of Enabling the SAML Service Provider in SAP NetWeaver ABAP.

/default_host/sap/public/bc/sec/saml2

/default_host/sap/public/bc/sec/cdc_ext_service
Login to SAP system and run tcode SICF

Explore /default_host/sap/public/bc/sec/ service

Select saml2 and right click,

Select Yes when it prompt, “Do you want to activate service”

Perform same steps to activate server.

Hope this blog will help you to enable the SAML 2.0 service provider in SAP NetWeaver ABAP system.