3418692 - How to revert the identity provider from SAML SSO to SAP Cloud Identity (Default)

When using a custom SAML SSO Identity Provider (IdP), reverting back to the SAP Default Cloud Identity IdP is possible in case users are unable to authenticate or log into SAP Datasphere.

To change the identity provider we can:

• 1. Change the Authentication Method 
  2. Revert Custom SAML SSO IdP to SAP Default Cloud Identity IdP.

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

SAP Datasphere

Option 1:

To change the Authentication Method a user must be able to log into the system.

With that, go to System → Administration → Security and change the option from "SAML SSO" to "SAP Cloud Identity Default".

Option 2:

Adjust the SAP Datasphere tenant's IdP Configuration using the self-service Identity Provider Administration Tool:

https://console.<data center>.sapanalytics.cloud/idp-admin/    !!Note the TRAILING slash after idp-admin!!

Examples:

• When tenant is hosted in EU10 the URL should look like https://console.eu10.sapanalytics.cloud/idp-admin/
• When tenant is hosted in CN40 the URL should look like https://console.cn40.analytics.sapcloud.cn/idp-admin/
• When tenant is hosted in US10 the URL should look like https://console.us10.sapanalytics.cloud/idp-admin/

This tool is accessible using a valid S-User or P-User with the same e-mail address associated with the tenant's system owner.

Note:

• The steps above are only applicable if the SAP Datasphere tenant is not accessible.

• SAP Datasphere Help Identity Provider Administration;
• SAP Datasphere Help Enabling a Custom SAML Identity Provider (Legacy Custom IdP);

not accessible, not available, unavailable, standard IdP, back, SSO,  , KBA , DS-SEC-AUTZ , Authorizations (Locks, etc.) , How To