Symptom
Azure AD was configured as Corporate Identity Provider for Business Users, per help page Establish Trust and Federation Between SAP Authorization and Trust Management Service and SAP Cloud Identity Services
You observed that saml attributes for Groups is not getting updated/mapped to CF and due to the missing groups, role collections can not be assigned based on Azure groups properly anymore.
Read more...
Environment
SAP CLOUD PLATFORM
Keywords
http://schemas.microsoft.com/claims/groups.link, role collections, group mapping, Azure AD , KBA , BC-CP-CF-SEC-IAM , UAA, Authentication, Authorization, Trust Mgmnt , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.