SAP Knowledge Base Article - Preview

3611370 - BTP Subaccount Trust Configuration Azure AD - Groups are not retrieved anymore

Symptom

Azure AD was configured as Corporate Identity Provider for Business Users, per help page Establish Trust and Federation Between SAP Authorization and Trust Management Service and SAP Cloud Identity Services

You observed that saml attributes for Groups is not getting updated/mapped to CF and due to the missing groups, role collections can not be assigned based on Azure groups properly anymore.

 


Read more...

Environment

SAP CLOUD PLATFORM

Keywords

http://schemas.microsoft.com/claims/groups.link, role collections, group mapping,  Azure AD , KBA , BC-CP-CF-SEC-IAM , UAA, Authentication, Authorization, Trust Mgmnt , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.