Introducing SAP Cloud Identity Services

Objective

After completing this lesson, you will be able to provide an overview of the SAP Cloud Identity Services.

SAP Cloud Identity Services

SAP Cloud Identity Services are a group of services of SAP Business Technology Platform (SAP BTP), which enable you to integrate identity and access management between systems. SAP Cloud Identity Services is the central solution for managing authentication, Single Sign-On (SSO), and the identity lifecycle. They improve system integration, provide a seamless user experience, and enhance security and compliance.

The SAP Cloud Identity Services consists of four services:

  1. Identity Authentication
  2. Identity Provisioning
  3. Identity Directory
  4. Authorization Management

The Identity Authentication service is responsible for the authentication and SSO.

In contrast, the Identity Provisioning service manages the identity lifecycle, including users and groups (create, change, delete, and so on).

The Identity Directory is the central place for storing and managing users and groups.

Authorization Management enables administrators to refine authorization policies that give access to resources in enabled SAP BTP-based business applications.

Get more information about SAP Cloud Identity Services here.

SAP Cloud Identity Services is integrated and bundled with many SAP solutions, such that these solutions are preconfigured in one central cloud identity tenant that you receive at no additional cost.

SAP Cloud Identity Services is essential in the overall setup as the central component and backbone of IAM architecture for SAP software. SAP solutions integrate with SAP Cloud Identity Services and reuse its functionality wherever possible. Authentication is delegated to Identity Authentication. The user information is directly read from the central store with the Identity Directory service, or the solution-specific user store is integrated through SCIM-based user provisioning within SAP Cloud Identity Services.

Newly built applications use the Authorization Management service for policy-based authorization checks. This standardizes the IAM setup, reduces duplicate functionality, and gives administrators a clean setup with a central IAM configuration and a single access point.

Diagram showing SAP Cloud Identity Services and the related Applications, Corporate Identity Provider and Corporate User Store.

While SAP Cloud Identity Services have various IAM functionalities built in, many customers use it as a broker and appreciate that SAP Cloud Identity Services can be easily integrated with the identity provider and identity management tool of their choice, reducing the efforts to manage and configure each SAP solution manually.

Screenshot showing tiles of the Cloud Identity Services apps

Lesson Summary

You can now describe each of the four services included in the SAP Cloud Identity Services solution.

Log in to track your progress & complete quizzes

Learning

SAP FacebookSAP YoutubeSAP LinkedIn