With the intensive rise of cloud computing, there is a need to authenticate users before they access a cloud application. Moreover, there is a business requirement for single sign-on, since users predominantly want to avoid entering login credentials into the web browser again when they attempt to access an app in the cloud. To fulfill all of these, the best option for the developer of a cloud app is to use an identity management system. This way the cloud-based app doesn't even need to administer the users. With the identity management system, another system, an identity provider (IdP), is used. This can be a 3rd-party SAML IdP. SAP has some offerings in the field as well: SAP NetWeaver Single Sign-On or SAP ID Service (IDS). In the following I will focus on the latter. IDS is SAP's identity provider in the cloud. SAP also uses it itself, e.g. to manage access to SAP web sites like sap.com, SAP Store, SMP or SCN.

It is used as the default IdP by SAP HANA Cloud Platform (formerly known as neo). Basically, what IDS does is verify user identity, grant authentication and enable secure single sign-on. The user just needs to maintain his/her profile (the so-called identity) once, with one password, and with that he/she is granted access to the app. When a user accesses, via web browser, a particular app whose access is managed by IDS, the browser is first redirected to the IDS service (accounts.sap.com). IDS then checks whether the user is authorized to access the app as per the user profile/identity. Once the user is authorized, the web browser is forwarded to the particular app.

The SAP ID Service is hosted at accounts.sap.com. It has its own component on SMP: BC-IAM-IDS (SAP ID Service).

For more details see the article: SAP Insider, Enable Secure Single Sign-On in the Cloud.