SAP Knowledge Base Article - Public

3485176 - SSO in Datasphere with Azure AD as Idp is not working

Symptom

When configuring SAML SSO in Datasphere , the account verification step fails with Unauthorized 401

Environment

SAP Datasphere

Cause

The attribute Groups=sac is not configured correctly

Resolution

As the IdP is Azure, the Groups=sac attribute should be defined in Azure attribute 

Refer to the screenshot below while mapping the attributes in Azure :

See Also

Integrating SAP Analytics Cloud with Azure AD SAML

Keywords

sso, saml, datasphere, azure, unauthorized, idp , KBA , DS-AUT , Authorizations (Locks, etc.) , Problem

Product

SAP Datasphere all versions

Attachments

Pasted image.png