SAP Knowledge Base Article - Preview

3512235 - The E-Mail attribute in BTP Users menu has the value <sub value>@user.from.sap.custom.cf

Symptom

  • You have established BTP <=> IAS <=> Azure IDP for user authentication.
  • You've disabled Identity Federation, which means IAS only acts as a proxy to take all assertion attributes and Subject Name Identifier from the corporate IdP assertion and sends them to the application.
  • "Create Shadow Users on User Logon" is enabled for IAS IDP at BTP.
  • When user first login to BTP, the shadow user will be created in BTP Users menu.
    However, the E-Mail attribute in BTP has the value <sub value>@user.from.sap.custom.cf, where <sub value> is the value of Azure IDP's Subject Name Identifier.
  • The expected behavior is that E-Mail attribute in BTP has the correct e-mail address.


Read more...

Environment

  • SAP Cloud Identity Services
  • Business Technology Platform
        

Product

BTP all versions ; SAP Cloud Identity Services all versions

Keywords

user.from.sap.custom.cf, btp, ias, azure ad, e-mail address, mail, wrong e-mail, wrong mail, oidc, saml , KBA , BC-IAM-IDS , Identity Authentication Service , BC-CP-CF-SEC-IAM , UAA, Authentication, Authorization, Trust Mgmnt , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.