SAPSSO2 Generator

After a client is authenticated, SAP Mobile Platform can generate an SAPSSO2 token that enables single sign-on (SSO) access to back-end resources.

SAPSSO2 Generator depends on an authentication provider stacked ahead of it in the security profile to establish a Subject.PrincipalName and generate an SAPSSO2 token based on that name. SAP Mobile Platform Server can initiate SSO access across a system (landscape), once it has authenticated the user.

An authentication provider such as System Login (Admin Only), HTTP/HTTPS Authentication, or Directory Service (LDAP/AD) must authenticate clients before calling SAPSSO2 Generator.