Show TOC

Managing Name IDsLocate this document in the navigation structure

Context

The name ID is the common identifier between the SAML 2.0 identity provider and the service provider. By setting the name ID for a user on an SAP NetWeaver Application Server (AS) to the same name ID for a user on an identity provider, you federate the two accounts. By removing the name ID for a user, you defederate the accounts.

Use this procedure to federate and defederate accounts or to identify the name ID used by a user account for different identity providers.

Procedure


  1. Start SAP NetWeaver Administrator with the quick link /nwa/auth .

  2. Choose Start of the navigation path SAML 2.0 Next navigation step Name ID Management End of the navigation path.

  3. Enter a user and choose a name ID format.

    To select multiple users, select a role or group.

    Note

    You can only remove persistent name IDs when you select multiple users with a role or group.

  4. Enter data as required.

    • Federate single user accounts by editing the name ID of the user.

    • Defederate one or more user accounts by removing the name ID.

    If the User ID Mapping Mode is set to User Attribute for the name ID format, you can edit the user attribute. You can check that possibility on the Identity Federation tab of the Trusted Providers section.

  5. Save your entries.