Business-to-Employee Scenario

The business-to-employee scenario is related to services for employees of an organization. Employees can access various applications with one logon. Furthermore, administrators can upload employees data by using the user import functionality.

The scenario includes the following features:

Authentication with user name and password
A secure SSO to cloud applications
Branding elements on all the forms for logon and password update
Customized privacy policy and terms of use documents
Employee security policy
User import and export
Database restricted for employees only

Example:

Julie Armstrong is an administrator at company B. She wants to configure a leave request application to be used by the employees of the company. For this purpose, she imports the employees by opening the Import Users page in the administration console for SAP Cloud Identity Services and selecting a CSV file containing the employees. Once she has imported all the new users into the system, she sends them an email with instructions how to activate their accounts. She also configures the trust on SAP BTP.

Julie wants only the employees to access the application. She selects the Internal radio button after she chooses Authentication and Access > User Application Access for the leave request application in the administration console.

As an employee of company B, Michael accesses an SAP BTP application to make a leave request. When he opens the application, he has to choose the Forgot Password link to activate his account. After activation, Michael provides a user name and password to log on to the leave request application with. He is redirected to Identity Authentication for authentication. Identity Authentication verifies his credentials and sends a response back to the SAP BTP application. As a result, Michael logs on and enters his leave request.

Imports users.

Activates account.

Provides credentials.

Delegates authentication.

Confirms authentication.