SAP Knowledge Base Article - Public

2505553 - Basic Authorization cannot be used in a SSO enabled Successfactors instance


  • Your Successfactors instance is Single Sign On(SSO) enabled
  • You are trying to authenticate on the API server using "Basic Authentication" with this user




 When SSO is enabled, the user cannot use Basic Authentication


  • A partial workaround is available through a feature called partial org sso for App login.
  • Users who have been assigned the permission "Manage Integration Tools --> Allow Admin to Access OData API through Basic Authentication" from the Manage Permission Roles can log in using a password into the SuccessFactors system, even if they are an SSO user(after enabling the partial SSO feature).
  • Note: Basic Authentication should be used only by users who need administrative access for system-to-system data integration(In the SSO enabled instance).

Additional suggestions in case your SF user have the password incorrect resulting in HTTP 401 and you cannot reset via SuccessFactors user interface because these are SSO users:

  • If you have other API user credentials, please use it to do one OData.User upsert with field <password>
  • Other alternative is trying to use imports = Admin center > Import Employee Data (create new user with PWD and password)


  • Basic auth not allowed in SSO enabled instance
, KBA , LOD-SF-INT-API , API & Adhoc API Framework , LOD-SF-INT , Integrations , LOD-SF-INT-ODATA , OData API Framework , Problem


SAP SuccessFactors HXM Core all versions