Show TOC

Enabling HTTP Access to SAML EndpointsLocate this document in the navigation structure


Some user agents cannot support Secure Socket Layer (SSL) to protect HTTP. To support such users, you can enable the access to SAML endpoints over HTTP.


We recommend the use of SSL to prevent eavesdroppers from accessing authentication information in SAML messages. You can protect authentication information with encryption and by using the back channel.

For more information, see the following


  1. Start SAP NetWeaver Administrator.
  2. Choose Start of the navigation path Configuration Management Next navigation step Security Next navigation step Authentication and Single Sign-On End of the navigation path and choose Start of the navigation path SAML 2.0 Next navigation step Local Provider End of the navigation path.
  3. Choose the Edit pushbutton.
  4. Choose the General Settings tab.
  5. Under Miscellaneous , choose Yes in the Allow HTTP Access field.
  6. Save your entries.


If you change the configuration of your service provider, update the configurations of any identity providers that trust your service provider to match.