Seqrite Zero Trust Staging

SAP Integration

Print Friendly, PDF & Email

Introduction This document outlines how to configure and manage SAP systems for SAML-based authentication. Enabling SAML integration allows SAP to use secure, centralized Single Sign‑On (SSO), improving user access, strengthening security, and supporting modern identity management practices.

Follow these steps for SAP SAML Integration:

  1. Download SP Metadata File
  2. Add SaaS Application to Seqrite ZTNA
  3. Configure the ACS URL and Entity ID
  1. Download SP Metadata File
    SP metadata file contains certificate, entity ID, name ID format and SSO.

    2. Steps to download SP metadata file from SAP admin console:

    1. On SAP admin console Home page, click Administrator .
    2. Click Common Tasks >> Configure Single Sign-on >> My System.



  2. Add SaaS Application to Seqrite ZTNA

    3. To add the SaaS application to seqrite ZTNA, follow these steps:

    1. Login to ZTNA admin console.
    2. Go to Application section.
    3. Click SaaS Applications tab.
    4. Click Browse SaaS Application Catalog .
    5. Click Add+ of SAP application.
    6. Enter the Application Name and Application Description.
    7. Select below check boxes to control access from managed laptops, desktops, or mobiles.
      • Allow access from ZTNA Compliant Devices
        • Only users with ZTNA Compliant Devices (on which the ZTNA agent is installed and enabled), including both desktops and laptops, can access the applications.
      • Allow access from mSuite
        • Mobile users are able to access applications only through the Workspace.
        • iOS is not supported. iOS users can access applications outside the workspace.
    8. Click Add to add the application.
  3. Configure the ACS URL and Entity ID

    1. To Configure the ACS URL and Entity ID while creating SaaS application, check the downloaded SP Metadata file from the SAP admin console under Configure Single Sign on tab.

    2. Click to download the Metadata, once the SAP Application in Zero Trust Console is created and published.

  4. Upload Metadata File to Auto‑Configure SAML Settings

    5. To automatically configure the SAML settings, you need to upload the metadata file.
    To upload the metadata file: follow these steps:

    1. On SAP admin console Home page, click Administrator .
    2. Click Common Tasks >> Configure Single Sign on >> My System.

      Once the metadata file is uploaded it will automatically configure the Entity ID, SAML Login URL and SAML Certificate.

    3. Click New Identity Provider, upload the metadata file and click on Save.
    4. Enter Email Address in Supported Name ID Formats.
    5. Navigate to My System, set SSO URL for URL Sent to Employee.
    6. On The Configure Single Sign on tab click Activate Single Sign.

      Note: Make sure ZTNA Admin Console users are mapped with the SAP SaaS Application in Policy Page.

Was this page helpful?
Yes No