Does anyone have experience using SAML and authenticating against an odata service?

0
Hi there, does anyone have experience using SAML and authenticating against an odata service? I.e. I'd like to use the username of the logged in user and use this user + pass to call an odata service in SAP (and therefore be able to create documents). No, we do not have SAP CC or CP - @Laurens Steffers
asked
1 answer
1

You shouldn't do this: you do not have the user's password (since authentication takes place at the IdP). If you want to store passwords, they need to be in a reversible format (so that you can send them to SAP) and this isn't recommended from a security perspective. There are schemes to do this (you can e.g. Google 'SAML on behalf of'), but most of the ways result in passing tokens, instead of usernames + passwords. - @ Rom van Arendonk

answered