Hi, we are currently working on an SAP internal project which is actually an App deployed to HCP. We are delegating the user authentification to SAP ID Services and to be exact we are using FORM Authentication. In the App, we have links to SAP(internal) Jam(https://jam4.sapjam.com/).
In most cases our scenario works. However, if we use Firefox to access our App, since it does not take the SAP SSO certificate automatically(for Chrome you get a pop up to select your SAP SSO certificate), we are prompted to enter the SCN user and password(auth. 1). This is so far ok. However, after authentication and after I have logged in the App, I click the SAP Jam link inside to App, I am again prompted to enter my SCN user and password(auth. 2). This is not so nice.
I know, the first authentification(auth. 1) checks only if the user has a valid scn user and password and the second time(auth. 2), since I am accessing an SAP internal Jam group, I am or at least should be checked agains my SAP company internal credentials.
My questions:
1. during the second authentification(auth. 2), why it works, when I enter my SCN credentials not my SAP company internal credentials? I have different password for my SCN credentials and my SAP credentials. Maybe it is because they have the same ID(my D-number?)?
2. how can I get rid of the second authentification(auth. 2)? We have application logic already in our App to check, that the users of our App are SAP internals(D-number or I-number), so it would be really nice that somehow SAP ID Services can provide some API to do a silent login, like the scenario in my question 1.
Really appreciate your help. Thank you.
Regards, Yashu