SAP Knowledge Base Article - Preview

3375580 - How to establishing trust relationship between BTP and AD with IAS and map role collection based on SAML attributes from AD


  • You want to establish trust (SSO) between BTP and Azure AD by using Identity Authentication Service (IAS).

  • After setting up trust, you want to give AD authenticated users certain BTP role collections using SAML attributes sent from AD, a process known as Role Collection Mapping.

"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."



  • SAP Business Technology Platform
  • SAP Identity Authentication Service
  • Azure Active Directory


SAP Business Technology Platform, Neo environment all versions ; SAP Cloud Identity Services all versions


single sign on, ad, btp, ias, trust relationship, role map, ias as proxy , KBA , BC-CP-CF-SEC-IAM , UAA, Authentication, Authorization, Trust Mgmnt , BC-IAM-IDS , Identity Authentication Service , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.