Authentication Method
From SAP Enable Now Wiki
Where to find it
- Manager > Administration > Server Settings > Security and Passwords > Login Behavior > Authentication Method
Purpose
This setting determines the authentication method to be used when accessing any SAP Enable Now content. It is typically set by the SAP Implementer and should not be changed unless explicitly advised to do so.
For the record, the options are:
Authentication Method | Default Options | Description |
---|---|---|
FORM or SAML2 | Trusted SAML 2.0 identity provider with application-to-application SSO | FORM authentication implemented through the Security Assertion Markup Language (SAML) 2.0 protocol. Authentication is delegated to the SAP ID service or a custom identity provider. A key factor of FORM authentication is that when the user is authenticated, a 'session' is created for the user, which has a unique Token. This Token is stored in a browser cookie and passed between the browser and the application (SAP Enable Now in this case) with each HTTP request. If the Token is invalid (or expires) the request is rejected and the user is prompted to authenticate (log on) again. |
BASIC | User name and password | HTTP basic authentication delegated to the SAP ID service or to an on-premise SAP NetWeaver AS Java system. Web browsers prompt users to enter a user name and password. By default, the SAP ID service is used. |
CERT | Client certificate | Used for authentication only with client certificate. |
BASICCERT | User name and password client certificate | Used for authentication either with a client certificate or with user name and password. |
OAUTH | OAuth 2.0 token | Authentication according to the OAuth 2.0 protocol with an OAuth access token. |