SAP Authentication and Authorizations

Optimize your authorization management

with us

SAP Authentication and Authorizations

Efficient management of user identities and access rights has a positive impact on all employees within the organization. Leverage new SAP technologies with us, for example in a hybrid environment, and benefit from our many years of SAP experience in authorization management.

SAP Business Technology Platform (BTP) and SAP Cloud Identity Services

SAP has made significant investments in cloud security and identity management to provide you with future-proof solutions. We support you in transitioning from traditional security measures to modern cloud security standards.

SAP BTP connects traditional and cloud-based applications, enabling the optimization of your access management and the protection of your business identities. To successfully implement this, both SAP BTP and SAP Cloud Identity Services should be integrated into your cloud and on-premise environment. This helps you avoid duplicate maintenance efforts, for example, if you are already using a central user store such as Microsoft Azure.

Our services provide a solid foundation for your cloud security strategy, including the following offerings:

  • Security assessments of SAP BTP based on SAP Best Practices

  • Development and implementation of customized authorization concepts in the BTP cockpit

  • Integration of SAP Cloud Identity Services

  • Integration of SAP BTP accounts and SaaS solutions for efficient identity lifecycle management with SAP IPS (Identity Provisioning Services)

  • Monitoring using Cloud ALM (successor of Solution Manager)

  • Configuration of trust and identity federation for SAP BTP (Platform & Application IdP)

Centralized user management with SAP Cloud Identity Services

Cloud applications and services do not store user information. This is where an identity provider comes into play, securely managing this data. This centralizes authentications and decouples them from permissions and application capabilities.

Two essential services are provided free of charge:

  • SAP Identity Authentication Service (IAS): Enables secure access to web applications, considering various authentication methods.
  • SAP Identity Provisioning Service (IPS): Manages the entire identity lifecycle and synchronizes users and permissions across different systems.

SAP Identity Authentication Service (IAS)

With SAP IAS, you can easily and securely access your web applications. Key features include:

  • Single Sign-On (SSO) with SAML 2.0, including two-factor authentication

  • Integration and user administration from on-premise systems

  • Proxy functionality for authentication via corporate IDPs (e.g., AD, Azure AD)

  • User registration, password reset, and user self-services for easy maintenance of user profiles

SAP Identity Provisioning Services (IPS)

 

To manage identity lifecycle management, IPS offers:

  • Management of users and permissions across different systems

  • Access to enterprise identity stores such as SuccessFactors, Microsoft Active Directory, or SAP AS ABAP

  • Central synchronization and integration of on-premise applications, also in hybrid SAP environments

  • End-to-end lifecycle management of enterprise identities

Optimize your authorization management

A customized authorization concept is key to ensuring transparent and risk-free management of user rights. After analyzing your requirements, we will show you ways to optimize your SAP authorization management or integrate modern features of the SAP Cloud BTP effectively.

Job-based authorization concept

Our experience shows that using composite roles in an SAP system offers numerous benefits. These act as containers for individual roles assigned to a specific job (e.g., accountant, maintenance worker). This ensures that employees only receive the rights they need, avoiding “authorization sprawl.”

Design of the FIORI interface

Through SAP role management, we make the FIORI interface user-friendly. Each workplace receives the appropriate apps, which are individually made available on the Launchpad through catalogs and spaces. Features like customizable homepages (SAP My Home Page) and easy navigation via new search connectors enhance the user experience.

Leverage our expertise and future-proof your SAP landscape!

Your

contact person

Karl-Heinz Ridder
Sales Manager
Tel.: +49 441 309006-0
E-Mail: vertrieb@ba-gmbh.com

Karl Heinz Ridder Sales Manager BA Business Advice GmbH

Interested? Get in touch with us! We look forward to talking to you!