SAML2 Provider

The SAML2 provider uses a trusted identity provider to authenticate users.

When you use the Security Assertion Markup Language 2.0 (SAML2) protocol in SAP Mobile Platform, you define a local service provider to determine authorizations based on information from a trusted identity provider. The trusted identity provider maintains its own database of users and their SAML2 attributes. When a user requests access to a resource, the service provider retrieves a SAML2 assertion from the identity provider. The service provider then reads the user name from the subject or one of the attributes in the SAML2 assertion to determine whether to grant the user access to the resource.
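The following added example, which is not SAP Mobile Platform code, shows how a service provider can read the user name from the subject or from a named attribute of a SAML2 assertion, and refuse when the value is missing or ambiguous. The function name, the `mail` attribute and the sample assertion are constructed for illustration, and the assertion's signature, issuer and validity are assumed to have been verified beforehand.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (signature and conditions omitted).
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_constructed-example" Version="2.0"
                IssueInstant="2024-01-01T00:00:00Z">
  <saml:Issuer>https://idp.example.test</saml:Issuer>
  <saml:Subject>
    <saml:NameID>jdoe</saml:NameID>
  </saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="mail">
      <saml:AttributeValue>jdoe@example.test</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""


def user_name_from_assertion(assertion_xml, attribute_name=None):
    """Return the user name from the Subject NameID, or from the named
    attribute when attribute_name is given. Raise ValueError when the
    value is missing or ambiguous, so the caller denies access.

    Assumes the assertion's signature, issuer and validity window were
    already verified; this function only extracts the name.
    """
    root = ET.fromstring(assertion_xml)
    if root.tag != "{%s}Assertion" % NS["saml"]:
        raise ValueError("not a SAML2 assertion")
    if attribute_name is None:
        nodes = root.findall("saml:Subject/saml:NameID", NS)
    else:
        nodes = [v
                 for a in root.findall("saml:AttributeStatement/saml:Attribute", NS)
                 if a.get("Name") == attribute_name
                 for v in a.findall("saml:AttributeValue", NS)]
    # Exactly one candidate: zero means no identity, several means ambiguity.
    if len(nodes) != 1:
        raise ValueError("expected exactly one user name, found %d" % len(nodes))
    name = "".join(nodes[0].itertext()).strip()
    if not name:
        raise ValueError("user name is empty")
    return name
```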

Note: Do not stack multiple SAML2 login modules in the same security profile. When authentication fails, a SAML2 login module raises a warning indicating the identity provider to which the client should be redirected to initiate the SAML flow.