Hi,
On our productive HCP account, we've made a custom Trust relation with our ADFS system.
This works great, and our users are now able to logon with their domain user id, into our HCP apps.
The problem is a bit with the administration.
Now that ADFS is the trusted IDP, we have authorization issues with:
- WebIDE
- HCPms cockpit
These two expect an S-user.
In our HCP, we've also defined a couple of S-users in the members section, as administrators and developers.
One of the ideas I had, was to define a secondary IdP (as you can see in the first screenshot) to Accounts.sap.com, so that I could navigate to the webide and HCPms cockpit with the addition of "?saml2idp=accounts.sap.com" to the url.
Unfortunately, I didn't get that to work because:
A) I don't know the exact settings for Accounts.sap.com
B) I'm not sure that this will work with our custom Trust provider.
Bear in mind that I know very little of SSO and IdP, and most of the above setup is done by trial and error. I'm already very happy that I got the ADFS connection working for the end-users.
Any suggestions how to get the WebIde and HCPms cockpit working again?