Registering Identity Provider

In SAP Jam, each back-end system and each client you want to connect must be published as an identity provider (IdP).

Prerequisites

You have the IdP certificate file in your current client as described in Preparing SAML2.

This section describes how to register your identity provider in SAP Jam.

Recommendation

Apply the following naming convention:

<company ID>_<system ID>_<client>

Example

For the ACME company with system ACM and client 100:

ACME_ACM_100

Log in to Jam as a company admin.
From the Admin menu, choose SAML Trusted IDPs.
On the SAML Trusted IDPs screen, choose Register your identity provider.
The Register a New SAML Trusted Identity Provider screen appears.

To register the identity provider that you created in the back end, enter the following values:

Field	Value
IDP ID	Enter the provider name you assigned in the back end (See Preparing SAML2). The names in SAP Jam and in the back end have to be identical.
Allowed Assertion Scope	To enable the IdP for users in your company, select Users in my company.
Certificate	This is the IdP certificate you saved in a file as described in Preparing SAML2.

Field

Value

IDP ID

Enter the provider name you assigned in the back end (See Preparing SAML2).

The names in SAP Jam and in the back end have to be identical.

Allowed Assertion Scope

To enable the IdP for users in your company, select Users in my company.

Certificate

This is the IdP certificate you saved in a file as described in Preparing SAML2.

You have authenticated your application for SAP Jam using a SAML2 assertion.