Skip to Content

Background:

As you may know, SAP Jam Collaboration comes in different versions from a technical foundation perspective. There are two different applications, where customers handle access management &  user creation. SAP Jam doesn’t have a standalone user management built in and no “native” login either. The two options are:

1) Based on SuccessFactors platform

2) Based on SAP Cloud Platform Identity Authentication Service (IAS). Here is a detailed blog on the general setup of IAS and SAP Jam.

IAS Basics:

For option 2) there are three different ways to create user records, which will then be automatically provisioned to SAP Jam.

  1. Manual creation in the IAS web admin console (Link)
  2. Bulk import using CSV.  Note: only some fields are supported (Link)
  3. Using the IAS SCIM API. Allows creation of full user record.

–> To fully automate the user provisioning customers usually choose the IAS SCIM API. While uploading users via CSV seems like the obvious option for quick tests, it’s quite limited because it only provides a subset of profile fields. Therefore I’d like to show how easy it is to use the SCIM API via Postman:

Part 1: Prepare IAS Admin User

To be able to create users in IAS using the SCIM API you need a technical user. Here’s how you create one:

  • Login to the IAS tenant admin console (https://<tenant ID>.accounts.ondemand.com/admin)
  • Open the Administrators tile
  • Create a new Admin User, with type = System
  • Enter a name for the admin / technical user & save your changes
  • Configure a secure password (I recommend to generate a password in e.g. Password Depot)
  • These credentials will be required for the basic authentication in Postman

Part 2: Prepare Postman

  • Make sure you have Postman installed (depending on your experience with Postman, you can create a new collection to store this new request)
  • Pick POST with the following endpoint: https://<tenant ID>.accounts.ondemand.com/service/scim/Users
  • Authorization:
    • Select Basic Auth and enter the credentials from the System admin user you have created in IAS in part 1
  • Headers:
    • Authorization = automatically generated based on the Basic Auth information
    • Content-Type = application/scim+json
  • Body:
    • Select raw and Text

Part 3: Creating Users

  • Paste / create a sample JSON for a user you want to create in IAS -> SAP Jam
  • A full example can be found here (Link)
  • Some fields (e.g. department) have pre-defined values. Adding custom ones via this SCIM API call won’t work – you have to update the tenant master data texts using a separate API (Link); there is no UI available for this and it’s required to perform this step in advance of using any of the desired custom values for e.g. department.
  • Example JSON:
    • {
          
          "userName": "johnsmithexample",
      
          "name": {
      
              "givenName": "John",
      
              "familyName": "Smith",
      
              "honorificPrefix": "Mr."
      
          },
      
          "emails": [{
      
              "value": "john.smith@example.com"
      
          }]
          
      }

 

Part 4: Results

  • You’ve successfully created a user record in IAS using the SCIM API:
To report this post you need to login first.

2 Comments

You must be Logged on to comment or reply to a post.

  1. Former Member

    Very helpful Florian. Can we also assign groups while creating the user ? Or do that post user creation using the API ?

    Regards,

    Parag.

    (0) 

Leave a Reply