Coffee
Arrow left

IDILIA FOODS

Logo Idilia Foods
Year
June - Novembrer 2024
Services
Single Sign-On
Industry
Food
Idilia Foods, as part of its commitment to cybersecurity and the protection of access to its systems, decided to improve access security to the SAP ecosystem. This objective was part of a comprehensive technology modernization plan focused on protecting the company's sensitive information without compromising the user experience, and required a solution that combined Single Sign-On (SSO) technology with multi-factor authentication (MFA), allowing secure and optimized access both inside and outside the company's facilities.

  • CHALLENGES

    Increase security: Ensure secure access through MFA at external locations while maintaining SSO functionality within Idilia Foods facilities.

    Complex technology integration: Adjust SAML2 technologies and certificates to ensure compatibility with SAP S/4HANA, Fiori and SAP BusinessObjects (BOBJ).

    Inconsistency resolution: Overcome synchronization issues between user identifiers in Azure Domain Service, IDP and SAP tools.

    Adaptation of existing processes: Ensuring that previous workflows (e.g. AFO books in BOBJ) continued to work efficiently with the new solution.

  • GOALS

    Implement MFA technology for external access to the SAP ecosystem.

    Maintain SSO functionality for internal access, optimizing the user experience.

    Ensure seamless integration between all SAP systems and the corporate authentication platform.

  • TECHNOLOGY

    SAML2: Configuration for SAP Fiori and SAP BusinessObjects (BOBJ).

    Certificates: For SAPGUI authentication (SAP Logon).

    Azure Domain Service: Authentication platform used as a basis.

    SAP Single Sign-On Services: Configured in the IDP tenant, previously integrated with SuccessFactors.

  • SOLUTIONS

    Integration of Azure Domain Service and SAP SSO Services:

    Configuration of a single IDP (Identity Provider) to centralize the management of users and MFA.

    Specific settings for Fiori and SAP BOBJ via SAML2, optimizing synchronization with Azure.

    Adaptations for SAP Logon:

    Troubleshoot GUIDs to align user registration procedures in IDP and Azure, ensuring accurate synchronization.

    Reconfiguration in SAP BOBJ:

    User alias setting to match the expected SAML2 token.

    Adaptation of AFO books to use SSO as a data source, eliminating additional authentications.

  • RESULTS

    Secure and efficient access: Successful implementation of MFA for external access while maintaining SSO at internal locations.

    Optimization of existing processes: Adaptation of AFO books and flows in BOBJ allowed maintaining productivity without significant disruptions.

    Improved cybersecurity: Significantly strengthened protection of the SAP ecosystem against unauthorized access, aligning with industry best practices.

    Improved user experience: Single point of access to all SAP systems, with simplified authentication both on- and off-site.

Our mission is to grow with our clients, to become their travelling partners.
Contact us
Logo Vanture ESS
Powered by  GDPR Cookie Compliance
Privacy overview

This website uses cookies so that we can provide you with the best possible user experience. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our site or helping our team understand which sections of the site you find most interesting and useful.