To give further users access to SAP Cloud ALM, you need to create or import users in your SAP Cloud Identity Services – Identity Authentication tenant. For users to be able to sign in to SAP Cloud ALM, they need to be maintained both in the Identity Authentication tenant and in SAP Cloud ALM.
In SAP Cloud ALM, the Identity Authentication service (IAS) assumes the role of the identity provider. This means that business users sign in to SAP Cloud ALM with the mechanisms and credentials defined in the Identity Authentication tenant.
You can also use an already existing corporate identity provider (LDAP), in which case you need to set up Identity Authentication as a proxy. Changing to a corporate identity provider while already using SAP Cloud ALM productively can result in invalidated user IDs and can cause users in SAP Cloud ALM to be deactivated. For more information, see Onboard to SAP Cloud Identity Services and Corporate Identity Providers.
When you requested SAP Cloud ALM, you either selected an existing Identity Authentication tenant or received a new one:
-
Reused existing Identity Authentication tenant:
If you selected one of your existing productive Identity Authentication tenants, it was assigned to your SAP Cloud ALM subaccount during the provisioning and can be reused for user authentication in SAP Cloud ALM.
Your authorizations in the Identity Authentication tenant remain the same. If the Main IT Contact of SAP Cloud ALM didn't have a user in the tenant before, they were added as a member.
Your pre-existing tenant may already contain identity information. If you don't need new users in the tenant, you can proceed directly to Step 2: Assign Roles to Users in SAP Cloud ALM to add these users to SAP Cloud ALM and assign roles to them. If you do want to create new users in the tenant, follow the procedure below.
-
New Identity Authentication tenant:
If you didn't have a productive Identity Authentication tenant before, a new tenant was automatically created for you. This tenant was then assigned to the SAP Cloud ALM subaccount.
As the Main IT Contact, you were made an administrator in this new tenant and received an email asking you to activate your account in the Identity Authentication service. Once activated, the tenant contains no identity information. Before SAP Cloud ALM can be used, users have to be created or imported, as described below.
-
Your Identity Authentication tenant has been activated.
If your Identity Authentication tenant was created when your SAP Cloud ALM was requested, the Main IT Contact has received an email with the subject Activate Your Account for Identity Authentication Service.
-
In your Identity Authentication tenant, you have a user with the role Manage Users.
If you don't have this role, the tenant administrator can assign it to you by following Managing Administrators in Identity Authentication. To find the administrator of your Identity Authentication tenant, see Viewing Assigned Tenants and Administrators.
-
In the administration console of the SAP Cloud Identity Services, open the User Management app.
The URL has the following pattern:
https://<tenant ID>.accounts.ondemand.com/adminThe first administrator in the Identity Authentication tenant received an activation email with a link to the administration console.
-
Choose + Add User.
If you've already defined users elsewhere in your landscape, you can also import them to the Identity Authentication service. For more information, see Import or Update Users for a Specific Application.
-
Fill in the required fields.
Remember the email address, as you need it to assign roles to the user later.
-
Under Personal Information, enter the first and last name of the user. Use only the allowed characters A-Z, a-z, spaces, and hyphens.
-
Save.
-
Select Send activation e-mail.
-
Save your entries.
The new user now receives an activation email and can set a password.
To give them access to SAP Cloud ALM, you additionally need to add them to SAP Cloud ALM and assign the required roles to them, as described in Step 2: Assign Roles to Users in SAP Cloud ALM.
Related Information