SAP focuses on SAML and SAP NW IdM instead of CUA

These days I've met with some of the executives of SAP to talk about their roadmap. Overall, SAP is moving forward with its Identity and Access Management products. e.g. SAP NetWeaver Identity Management (NW IDM). And the integration of the recently acquired SECUDE products and technology will significantly enhance the SAP product portfolio. Some of the new features are improved role management capabilities, reporting via SAP BW (Business Warehouse), and new REST-based APIs for UI creation. No rocket science, but valuable add-ons for their customers. For sure SAP is as well enhancing the integration with their core products and with SAP BO GRC AC (SAP BusinessObjects GRC Access Control).

The most interesting step forward, from my perspective, is the strong focus on SAML 2.0 which shall become the strategic replacement of SAP Logon Tickets, which are some form of proprietary cookies. This allows cross-domain use, in contrast to domain-dependent SAP Logon tickets. And it will provide simpler integration in business processes which span not only the SAP environment but heterogeneous applications. Besides the increased flexibility, SAML can provide much more information about the user. However the step from SAP Logon Tickets to SAML 2.0 won't be a hard or even quick migration. SAP will further support the SAP Logon Tickets - and SAML 2.0 is supported only in backend systems starting with the 7.0.0 release. However, SAML 2.0 offers significant features and SAP provides (besides the integrated IdP in SAP NW IdM 7.1 and higher) as well SP capabilities at the backend.

Another area of migration is about moving from CUA (Central User Administration) to SAP NW IdM. SAP strongly recommends to use SAP NW IdM instead of the limited CUA capabilities. Again, this is a smooth migration - CUA won't, according to SAP, be shut down as long as ABAP-based systems (the older SAP systems) are around. However it isn't recommended anymore to install CUA.

In essence, SAP is continuously enhancing the Identity and Access Management capabilities and strengthens not only the integration into the SAP environment but adds support for heterogeneous environments and standards. Thus, SAP NW IdM is, from a SAP perspective, an enabling technology for the integration within the SAP infrastructure and (especially with SAML 2.0) beyond.


Discover KuppingerCole

KuppingerCole PLUS

Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Stay Connected

Blog

Spotlight

AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

Latest Insights

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00