Area of SSO Expertise | On-Premise

  • SAP Single Sign-On 3.0 and SNC Client Encryption 2.0 including migration support from third-party SNC solutions
  • Holistic advice on all common SSO standards and their correct use in the SAP environments
  • Encryption of SAP communication protocols and interfaces using Secure Network Communications (SNC) and Transport Layer Security (TLS)
  • Hardening your CommonCryptoLib and SSO related profile parameters
  • Implementing communication security and single sign-on for your
    traditional SAP Business Suite and S/4HANA applications:
    • SAP GUI, SAP Business Client, SAP Analysis for Office/BEx
    • SAP HANA Cockpit and Studio (SAP HANA XSA)
    • SAP Fiori Launchpad and SAP Gateway
    • SAP ABAP based web-applications (ICF-services)
    • SAP Enterprise Portal and AS Java-based web-applications
    • SAP BusinessObjects including BI client tools
  • Supporting design and integration with your PKI (public key infrastructure)
  • Implement the automation of certificate provisioning and renewal (SAP certificate lifecycle management) for on-premises SAP systems
    (ABAP and Java) using the CLM-capabilities of SAP Secure Login Server
  • Designing strategies to securely expose your internal SAP applications while utilizing existing components such as reverse proxies, web dispatchers
  • Integrating with modern solutions like Azure Active Directory Application Proxy and cloud-based security components
  • Considering complex Active Directory environments with multiple domains and forests
  • Outlining approaches for implementing Identity Federation
    scenarios and integrations with existing Identity Providers
  • Integrate with further IT components, cloud systems
    and SaaS applications including non-SAP applications
  • Support integration with mobile devices and MDM gateways
  • Integration with hardware tokens (smartcards) and hardware security modules
  • Providing multi-factor authentication (MFA) for SAP GUI and
  • Implementation of projects for contactless authentication
    using RFID-devices (Warehouse and Kiosk-scenarios)
  • Supporting projects in the area of digital signatures and
    re-authentication (SSF)

Area of SSO Expertise | Cloud

SAP Cloud Identity Services (Focus on Identity Authentication)

  • Connecting the service with your SAP SaaS solutions like SAC, C4C, IBP, SFSF, Ariba, and others
  • Connecting BTP subaccounts to your SAP Cloud Identity Services tenants  (Identity Authentication) and corporate identity providers
  • Integrate IAS with your on-premises and Non-SAP SaaS applications using OIDC or SAML for SSO
  • Setup identity provider (IdP) proxy mode, flexible SAML attribute and group mappings and merging, combining identity data from SAP Cloud Identity Services and corporate IdP
  • Risk-based authentication in IdP proxy and federation scenarios
  • Outlining different user-onboarding scenarios
    (SCIM and IDM integration) possible with the
    SAP Cloud Identity Services (IAS and IPS)
  • Integrating the service with your on-premise user store (AD)
  • Configure SPNEGO for easy SSO towards SAP’s Business Technology Platform and SaaS applications
  • Configure social sign-on scenarios supporting B2B and B2C

SAP Cloud Connector

  • Secure configuration and hardening of your cloud connector
  • Connecting your cloud applications with your corporate user store
  • Configuring Principal Propagation for seamless SSO towards
    your on-premises SAP systems like SAP S/4HANA

Integration with Non-SAP cloud solutions

  • Integrating Microsoft Power BI for seamless SSO towards your
    SAP BW or S/4HANA systems using CommonCryptoLib and Kerberos
  • Integrating the SAP security landscape with existing third-party identity providers like Azure, ADFS, Shibboleth, Open AM, BIG-IP, and others
  • Integrating with Microsoft Azure Active Directory as an authentication instance. Utilizing security features like Conditional Access for further restricting and controlling access towards SAP applications.
  • Consulting for scenarios to securely expose on-premises applications using cloud gateways like MSFT AAD Application Proxy or others

You want to learn more about SAP SSO and Secure Authentication?

Find out more about SAP SSO and our tailor-made authentication services.


Get in touch with us!

Do you have questions about our products?

+41 43 422 8803
[email protected]
+49 7656 8999 002
[email protected]
+1 855 594 84 64
[email protected]
+44 1454 838 785
[email protected]

Attend our live webinars and learn more from our experts about SAP authorizations, XAMS, SAP IDM and many other topics in the context of SAP security.

Register now