SAP Cloud Platform Authentication: Corporate User Store

Authenticate user credentials on SAP Cloud Platform using a corporate user store within the customers' on-premise network

SAP Cloud Platform supports several authentication methods between the end user and the app running on the SAP Cloud Platform: Form-based/SAML, Basic, Cert, BasicCert and OAuth. This list encompasses all the authentication methods on the platform, however you should still review the authentication method that is being offered for the service that you plan to use. Each service on SAP Cloud Platform could have its own requirement.

Supporting Resources

This blueprint pays special attention to the form-based/SAML (Security Assertion Markup Language) authentication method. This authentication method is implemented over the Security Assertion Markup Language (SAML) 2.0 protocol, so the authentication can be delegated to any identity provider that is SAML 2.0 compliant. This means that the following security deployments are possible

  • SAP Cloud Platform Identity Authentication service
  • Corporate user store
  • 3rd Party corporate identity provider
  • SAP ID service

This blueprint explains how an app running on SAP Cloud Platform can use a corporate user store that the customer has already established in their network to authenticate application users. The solution diagram above illustrates a basic architectural pattern implementing authentication using an on-premise user store.

Bill of Material - SAP Cloud Platform Components for Licensing Considerations

Note that the following Bill of Material is for reference purposes only. The following table is only an example of SAP Cloud Platform services and components required for this use case. Please consult your SAP Account Executive regarding your specific licensing needs.  Calculations below are based on 100 users.

SAP Cloud Platform services

Function

Licensing metrics

Example

SAP Cloud Platform Identity Authentication

Simplify and secure cloud access from anywhere, on any device.

Logons in blocks of  100

3,000 logons

Customers can use SAP Cloud Platform pricing estimator to calculate the required investment for a particular project. Scale up or down on services as required.

Members and partners of SAP PartnerEdge* can evaluate the development of an application for this use case – most development licensing is covered by the packs offered by the SAP partner licensing services. Click here for details.

*excluding open ecosystem and basic.

Visit SAP Cloud Platform Identity Authentication page to learn more about its capabilities.