The SSO integration tool allows configuration managers to implement and perform SSO-related administration actions for their organization.
It provides an intuitive wizard framework that allows you to enable, edit, manage, and troubleshoot your SSO configuration.
SSO Process
There are two ways for SSO to initiate a session in SAP Fieldglass:
- Identity Provider, or IdP, in which the user clicks a link that routes to an authentication server, which verifies the user and transmits the identity information to SAP Fieldglass to log the user in.
- Service Provider, or SP, in which the user clicks a link that routes directly to SAP Fieldglass, which in turn sends an authorization request to the authentication server, which verifies the user and transmits the identity information to SAP Fieldglass to log the user in.
SAML
Once the user is authenticated by the customer’s internal authentication server, a SAML request is sent to SAP Fieldglass via the user’s browser.
SAML, or Security Assertion Markup Language (SAML), is an open standard XML-based solution for exchanging user security information between an IdP and an SP.
When the user is authenticated, the ID system sends SAP Fieldglass an XML file with the user attributes indicating that the user can access the application.
SSO Configuration
The functionality of the Single Sign-On tile on the dashboard depends on whether you’re a new SSO client or an existing SSO client.
For new SSO clients, the Enable Single Sign-On tile opens the setup wizard and allows you to add new SSO details.
For existing SSO clients, the View Single Sign-On tile opens the Setup Details page and displays your existing SSO setup details, which you can edit.
