MichaelPShea
commented
1 year ago @RaphaelReply: Technically, you are correct. A subaccount can have multiple SAML-based identity providers associated with it. However, our best practice is to have a single OIDC-based configuration to an Identity Authentication tenant. The customer then uses this tenant as a proxy for their own corporate identity providers. The customer can use conditional authentication to steer the user to the correct identity provider without having the user try to decide which is the right identity provider to log on to.
For more information, see https://help.sap.com/docs/btp/sap-business-technology-platform/user-and-member-management?version=Cloud#business-users.
RaphaelReply
https://help.sap.com/docs/btp/best-practices/basic-platform-concepts
Hello SAP docs Team,
short question regarding the figures "Overview of Global Accounts and Subaccounts (Feature Set A)" and "Overview of Global Accounts, Directories, and Subaccounts (Feature Set B)".
There is is mentioned that you can only have 0-1 business user IdP per subaccount. If I am not mistaken this is wrong and technically you can have multiple and as a result will get in the application then in the login screen the possiblity to choose from the IdPs. Or am I missing something here?
Best regards, Raphael