Single sign-on (SSO) is a session/user authentication process that permits users to enter a single name and password to access multiple applications. While SSO uses a single login (username/password) to access all applications within the same organization, federated SSO (FSSO) goes a step further and extends SSO across enterprises.
In other words, FSSO allows access to multiple systems across different organizations, benefitting both users and organizations.
Choose one of your Top Identity Providers in the Market to configure in SAP CPQ
As shown in the screenshot below, you can add, select, or configure your identity provider.
You can configure your identity provider via the following fields:
Download SAP CPQ Metadata which is a service provider (sp) and Client Admin will upload it to the IdP System.
Once you’ve configured the settings of the identity provider, follow the instructions to make your settings active.
Check User if SSO is enabled.
Federation Troubleshooting
https://help.sap.com/viewer/665a9ee212394653a84a393035090802/2108/en-US/1388b7d005914567a090ff166827...
In other words, FSSO allows access to multiple systems across different organizations, benefitting both users and organizations.
Choose one of your Top Identity Providers in the Market to configure in SAP CPQ
- SAP IAS (Identity Authentication Services)
- Microsoft Azure
- Okta
- Auth0
- others...
Note :
SAP CPQ currently supports SAML2.0 only.
Prerequisites
- Identity Provider Metadata XML
- SAP CPQ Environment with Admin role
- Pick users to enable Single-Sign on Mode
Identity Providers Settings
As shown in the screenshot below, you can add, select, or configure your identity provider.
Select identity provider - select an existing identity provider from the dropdown menu. In order to appear in this menu, existing identity providers need to be enabled by the SAP CPQ Support team for each domain individually.
The current status of the selected identity provider is displayed right next to it. If you wish to activate an identity provider, you can do so by clicking Activate at the bottom of the page.
Add new identity provider - click to add a new identity provider. Once you fill in the fields, make sure to save and activate your settings. Once you create a new identity provider, it’s visible only in the domain where it was created.
You can configure your identity provider via the following fields:
Download SAP CPQ metadata with selected certificates; download the service provider XML metadata file with the signing and encryption certificates that are selected for that specific selected identity provider. This button becomes available after an identity provider is selected or added.
Name (required) - enter the identity provider application's unique name.
Metadata location (required) - This field contains the relative path to the identity provider metadata XML file that was uploaded. The metadata file is typically stored in the App_Data folder.
Download metadata document - click to download the identity provider XML data file. You can download the IdP file if you need to compare and check if there have been any updates to it. If nothing is updated, there’s no need to reupload the file - instead, you only need to update some settings (for example, a routing or an attribute).
- Upload metadata document: click to upload the identity provider XML data file.
Download SAP CPQ Metadata which is a service provider (sp) and Client Admin will upload it to the IdP System.
Save
Once you’ve configured the settings of the identity provider, follow the instructions to make your settings active.
Check User if SSO is enabled.
Short Demo for users signing through Single Sign-on (SSO) to SAP CPQ using SAP IAS
Federation Troubleshooting
https://help.sap.com/viewer/665a9ee212394653a84a393035090802/2108/en-US/1388b7d005914567a090ff166827...
- SAP Managed Tags:
2 Comments
| User | Count |
|---|---|
| 6 | |
| 3 | |
| 3 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
