This KBA is to list the most frequently asked questions and answers on ByD Security Topics
Scope of this KBA is restricted to,
SAP Business ByDesign
You are configuring SSO (using any IDP) to connect with ByD and would like to know whether it possible to display below options after completing the SSO settings in IDP and SAP Business ByDesign?
・Login using SSO from the login screen
・Normal login using SAP Business ByDesign login ID and password
It is not possible to have such screen in SAP Business bydesign. For basic authentication (User name and Password), the URL is myXXXXXX.sapbydesign.com. In case of SSO enabled then the URL will have -SSO.
These two are different options for logging into the system and above option is not possible
Question 2: How to configure SSO in AZURE to connect with SAP Business bydesign?
Answer: Refer to microsoft tutorial - https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/sapbusinessbydesign-tutorial
Question 3: Is User Certificate and Tenant Certificate same?
Answer: No, Both the certificates are different
Question 4: How to Logon ByD by Using Client Certificate (X.509)?
Answer: Users can log on using client certificate to ByDesign. Please follow the help document https://help.sap.com/docs/SAP_BUSINESS_BYDESIGN/2754875d2d2a403f95e58a41a9c7d6de/9af7170c8661101482cd8d8dce5e5949.html
Question 5: Can SAP provide me the certificate for testing?
Answer: No. Customer needs to get the certificate from one of the trusted Certificate Authorities. Please find more details here https://help.sap.com/docs/SAP_CLOUD_FOR_CUSTOMER/abfba1342cfb4832ab722fa041f6c4b7/e2edbf58fb334439892eda3e6afc87b9.html?locale=en-US (document is for C4C but still applicable for ByD).
SSO, certificate, authentication , KBA , SRD-CC-SEC , Security , Problem