Authenticating Users in The Power Platform (Entra ID) with SAP using X.509 Certificates

msft-tbrazelton
Discoverer
0 Kudos

Hello everyone,

I'm currently in the process of drafting an internal proposal to introduce X.509 SSO functionality to the SAP ERP Connector within Power Platform (Apps & Automate), and I've managed to get the following Proof of Concept up and running.


However, I've hit a bit of a snag at step 2 of the process. As it stands, I manually generate the client certificate for my user (authtest01) without a clear understanding of how this step would fit into a typical enterprise environment. It's my understanding that most large organizations have a PKI in place capable of issuing these types of certificates. My question to the community is: how can I, in a practical manner, retrieve these certificates on behalf of my users to facilitate their authentication with SAP? Would it be an okay assumption that the certificates would be available in a customer's Azure Key Vault? Or would they possibly be exposed on a claim for the user in Entra ID?

Here is how I first envisioned it working; however, I was told by an SAP expert previously that assuming companies would put their customers' certs into Azure Key Vault might be a stray assumption. Thus, I wanted to check in here with the community.


I'd really appreciate any insights, advice, or suggestions you could offer to help refine this aspect of the SAP ERP connector for the Power Platform. Your input will be invaluable in shaping its development.

Diagrams:
Power Automate access SAP via X.509 Certificate Mermaid Sequence Diagram
Power Automate with Auth to Entra ID access SAP via X.509 Certificates Mermaid Sequence Diagram


Answers (1)

WolfgangJanzen
Product and Topic Expert
0 Kudos

This will not work - since you do not only require the certificate but also the corresponding private key (which should never be disclosed).

You seem to be seeking a Principal Propagation mechanism (in a system-to-system communication).
Maybe OAuth 2.0 (with Authorization Code Grant and PKCE) would be more appropriate.
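As an added illustration of the PKCE part of the OAuth 2.0 Authorization Code flow suggested above (example code written for this thread, not from SAP or the connector): the client derives an S256 challenge from a random verifier, the authorization server stores only the challenge, and the token endpoint accepts a single-use code only when the matching verifier is presented. `AuthorizationServer` and `run_flow` are hypothetical stand-ins for the real endpoints.

```python
import base64
import hashlib
import re
import secrets


def b64url(data: bytes) -> str:
    """Base64url without padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def make_code_verifier(nbytes: int = 32) -> str:
    # 32 random bytes encode to 43 characters, the RFC 7636 minimum length.
    return b64url(secrets.token_bytes(nbytes))


def make_code_challenge(verifier: str) -> str:
    # S256 method: BASE64URL(SHA256(ASCII(code_verifier)))
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


class AuthorizationServer:
    """Hypothetical stand-in for the authorization server side of the flow."""

    def __init__(self) -> None:
        self._pending: dict[str, str] = {}  # authorization code -> code_challenge

    def authorize(self, code_challenge: str, method: str) -> str:
        # Reject the 'plain' method: it exposes the verifier to anyone who sees the request.
        if method != "S256":
            raise ValueError("only the S256 code_challenge_method is accepted")
        code = b64url(secrets.token_bytes(16))
        self._pending[code] = code_challenge
        return code

    def token(self, code: str, code_verifier: str) -> bool:
        challenge = self._pending.pop(code, None)  # codes are single use
        if challenge is None:
            return False
        # Enforce the RFC 7636 verifier alphabet and 43..128 character length.
        if not re.fullmatch(r"[A-Za-z0-9\-._~]{43,128}", code_verifier):
            return False
        return secrets.compare_digest(make_code_challenge(code_verifier), challenge)


def run_flow(server: AuthorizationServer, tamper: bool = False) -> bool:
    """Drive one exchange; with tamper=True an intercepted code is redeemed without the real verifier."""
    verifier = make_code_verifier()
    code = server.authorize(make_code_challenge(verifier), "S256")
    presented = make_code_verifier() if tamper else verifier
    return server.token(code, presented)
```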

drasener
Newcomer
0 Kudos

> Maybe OAuth 2.0 (with Authorization Code Grant and PKCE) would be more appropriate.

The system needs to integrate with RFC over CPIC. (i.e. with the .NET SDK: NCo) Is the flow you suggest appropriate for that?

msft-tbrazelton
Discoverer
0 Kudos

Thanks for the suggestion @WolfgangJanzen!