SAP NetWeaver Single Sign-On

For Single Sign-On (SSO) scenarios, we offer the SAP NetWeaver Single Sign-On product (SAP NW SSO). SAP NetWeaver Single Sign-On centralizes and greatly simplifies the way users log on to systems and applications in your IT landscape. It includes mobile single sign-on with the SAP Authenticator app, risk-based authentication using access policies, or two-factor authentication.

Seamlessly integrated into your existing authentication processes, SAP NetWeaver Single Sign-On offers enhanced security through state-of-the-art technology. But that is not the only benefit SAP NetWeaver Single Sign-On has to offer. Reduce your operating costs by eliminating password-related helpdesk calls, and improve user productivity - more than enough reasons to start thinking about implementing a single sign-on solution in your company.

For more information, see SAP NetWeaver Single Sign-On.

Secure Login provides strong encryption, secure communication, and single sign-on between a wide variety of SAP components. For more information, see the central SAP Note 1912175 Information published on SAP site .

SAP GUI and SAP NetWeaver platform with Secure Network Communications (SNC)
HTML-based user interfaces and SAP NetWeaver platform with Secure Socket Layer – SSL (HTTPS)
Third-party application servers supporting Kerberos and X.509 certificates

In a default SAP setup, users enter their SAP user name and password on the SAP GUI logon screen. SAP user names and passwords are transferred through the network without encryption. To secure networks, SAP provides a Secure Network Communications interface (SNC) that enables users to log on to SAP systems without entering a user name or password. The SNC interface directs calls through the SAP Cryptographic Library to encrypt all communication between SAP GUI and the SAP NetWeaver application server, thus providing secure single sign-on. For more information, see the related link.

In a scenario with SAML 2.0, the user is authenticated by an identity provider. SAP also offers an identity provider as part of SAP Single Sign-On. An alternative option is the use of an external identity provider. For more information, see the related link.