Hi,
On our productive HCP account, we've made a custom Trust relation with our ADFS system.
This works great, and our users are now able to logon with their domain user id, into our HCP apps.
Image may be NSFW.
Clik here to view.
The problem is a bit with the administration.
Now that ADFS is the trusted IDP, we have authorization issues with:
- WebIDE
- HCPms cockpit
Image may be NSFW.
Clik here to view.
These two expect an S-user.
In our HCP, we've also defined a couple of S-users in the members section, as administrators and developers.
Image may be NSFW.
Clik here to view.
One of the ideas I had, was to define a secondary IdP (as you can see in the first screenshot) to Accounts.sap.com, so that I could navigate to the webide and HCPms cockpit with the addition of "?saml2idp=accounts.sap.com" to the url.
Unfortunately, I didn't get that to work because:
A) I don't know the exact settings for Accounts.sap.com
B) I'm not sure that this will work with our custom Trust provider.
Image may be NSFW.
Clik here to view.
Bear in mind that I know very little of SSO and IdP, and most of the above setup is done by trial and error. I'm already very happy that I got the ADFS connection working for the end-users.
Any suggestions how to get the WebIde and HCPms cockpit working again?
