Professional Documents
Culture Documents
BUSINESS NETWORK
BUSINESS
PROCESS Across All Functions
Lead to Cash
Recruit to Retire
Design to Operate
Source to Pay
EXPERIENCE MANAGEMENT
Intelligent Suite
APPLICATIONS SAP S/4HANA SAP Fieldglass Industry Cloud
SAP SuccessFactors HXM SAP Concur
SUSTAINABILITY MANAGEMENT
Recruit to Retire Plan Staff Onboard Work Travel Pay & Close
Approve and
Post Job interview select recruiting
send offer
candidates candidates effectiveness*
Collect personal
Create new Post-hire Complete Measure
data and
hire tasks tasks onboarding onboarding*
compliance forms
workforce
requisition requisition work & life Post payroll
demographics pending (working) Run payroll
to inform hiring for internal request events of results
hires times
Core HR
Payroll
Pre-payroll Post-payroll
processing
analytics* analytics*
analytics*
SAP S/4HANA
Assign Update
Cloud
Implementation, Configuration, and Operation Tools SAP Cloud ALM SAP Central Business Configuration
© 2021 SAP SE or an SAP affiliate company. All rights reserved. ǀ PUBLIC * Requires Workforce Analytics (WFA) license 4
Identity Access Management
SAP Cloud Identity Services – Identity Authentication, Identity Provisioning
Identity Identity
Authentication Provisioning
Authentication &
Single Sign-On
SAP S/4HANA
Delegated
Authentication
Corporate
Identity Provider User Store
Identity Authentication
Username/password
Authentication X.509
Kerberos / SPNEGO SAML /
Business OpenID Connect
2FA (TOTP, RSA, SMS)
User Identity Federation
Corporate user store
Cloud
SAML Connector
Member of
User Group Partner Identity Providers
Partners
IP Address
Range
Externals
Identity
Email Authentication
Domain
User
Corporate Identity Provider
Type
Employees
Capabilities
▪ IdP proxy – integration with existing IAM infrastructure
▪ Based on open security standards: SAML 2.0 and
OpenID Connect (OIDC)
▪ Delegated authentication to multiple identity providers
▪ Multi-factor authentication
▪ Configured password policies
▪ Risk-based authentication
▪ Protecting self-registration with Google reCAPTCHA
or phone verification
▪ Branding and customization, such as company logo
▪ Logon overlays
▪ User and group management
Create user
account De-provision
Update Update
user and
Assign authorizations authorizations
authorizations
authorizations
Capabilities
▪ Based on open security standard: SCIM 2.0
▪ Provides IPS system connectors of scopes:
Source, Target, Proxy
▪ Configurable properties and transformations
to:
− Merge identities from multiple sources
− Define policy-based assignments
− Map between identity models
− Filter identities to be read/written
▪ IPS system connectors of proxy scope to:
− Support hybrid system integration with
on-premise SAP Identity Management
− Support third-party IAM integration
Identity Authentication
Username/password
X.509
Authentication
Kerberos / SPNEGO
Business 2FA (TOTP, WebAuthn, RSA, SMS)
Identity Federation
User Corporate user store
Browse our road map in the SAP Road Map Explorer: The road map explorer is an important
tool to use in articulating the product vision and strategy.
Browse Online
open@sap.com
Follow all of SAP
www.sap.com/contactsap