Client Hub

Client Hub is a native application a user installs on the device that allows multiple business applications to share common credentials enabling an SSO-style behavior. The Client Hub, integrated with Logon Manager, simplifies user onboarding and configuration to enable easier and faster enterprise-wide deployments. Client Hub is an additional layer of management on top of the shared keychain, and allows end users to control which applications are using their credentials. The Client Hub reduces the effort required by the end user to manage multiple passwords for mobile applications and improves the user experience. Client Hub supports both OData and Hybrid (Kapsel) applications.

Figure 20: Client Hub Overview for iOS
Client Hub Overview for iOS

Figure 21: Client Hub Overview for Android
Client Hub Overview for Android

Open the Client Hub application to set the SSO passcode. The SSO passcode is a unique password used for Client Hub applications. The same passcode should be entered in the business application when credentials are requested from Client Hub applications. Once the SSO Passcode is created in the Client Hub application, a shared DataVault is created. The Business Application 1 (OData or Kapsel) chooses to work with Client Hub. For the first time, user enters the credentials and, on successful onboarding, these credentials are stored in the shared DataVault using the SSO passcode. If a Business Application 2 (OData or Kapsel) also chooses to work with Client Hub, it can retrieve the same stored credentials using the same SSO passcode and onboard successfully.

The Client Hub simplifies application onboarding by:

  • Onboarding multiple applications to SAP Mobile Platform. Once the end user has onboarded the first application, all subsequent applications that are enabled for Client Hub onboard automatically.
  • Managing the single sign-on (SSO) vault on the device.
  • Enabling cosigned business applications with the same security configuration to securely share credentials on the device.
  • Supporting multiple security configurations per device.
  • Supporting backend password change events. If the backend password changes, once the end user updates in a single application, all other applications automatically pick up the update.