
Using SAP Cloud Identity Services with SAP BTP

Archana Walunj, 25 October 2023

Efficient user management is the core of any organization’s digital ecosystem. SAP Cloud Identity Services offers a powerful tool in the form of the Identity Authentication Service. With this service, you can delegate identity authentication to a trusted identity provider (IdP). The Identity Authentication Service provides organizations with controlled cloud-based access to vital business processes, applications, and data.

This service simplifies the user experience. It supports multiple authentication mechanisms, such as single sign-on, on-premise systems integration and convenient self-service options for users. User management becomes not only more secure but also incredibly user-centric.

This blog post describes the crux of user management within digital infrastructure, focusing on the integration between SAP Cloud Identity Services’ Identity Authentication Service (IAS) and SAP Business Technology Platform (BTP).

Using Identity Authentication service with SAP BTP


Identity Authentication service provides authentication and single sign-on for users in the cloud.

We can onboard business users on SAP Cloud Identity Services. These business users can then access the services and applications provided by SAP BTP.

Business users can also be created in bulk with a mass import. One of our customers wanted to give all of its dealers access to web services. These web services were provided to the dealers with SAP BTP Integration Suite.

User Management

Tenant administrators on SAP Cloud Identity Services can manage user accounts via the administration console and via APIs.

User management enables you to create, modify, and delete users and their attributes, and to manage the user accounts in the user store of Identity Authentication.

1. Create user

1.1 Create users via the Add option in the administration console

As a tenant administrator, you can create a new user in the administration console for SAP Cloud Identity Services.


1.2 Create users via a CSV file import in the administration console

We can also mass-import business and technical users. As a tenant administrator, you can create new users or update existing ones with all user data, including attributes from a custom schema, via a CSV file upload. A single CSV file can create or update up to 25000 users.

The CSV file must contain at least the following three columns:

  • userName or loginName
  • emails[0].value or mail
  • name.familyName or lastName

Below is a sample of the CSV file.
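
A pre-upload check for the column rule above, as an added example (not from the original post or from SAP): it verifies that one header of each required pair is present, flags empty required values, rows with more fields than headers and duplicate login names or e-mails, and enforces the 25000-user limit. The comma delimiter, the case-insensitive duplicate comparison and the `SAMPLE` rows are assumptions constructed for illustration.

```python
import csv
import io

# Column pairs from the post: one header of each pair must be present.
REQUIRED = [("userName", "loginName"), ("emails[0].value", "mail"),
            ("name.familyName", "lastName")]
MAX_USERS = 25000  # per-file import limit stated in the post

# Constructed sample rows (not the post's file), with three seeded defects.
SAMPLE = """userName,emails[0].value,name.familyName,name.givenName
dealer001,anna@dealer.example,Jansen,Anna
dealer002,piet@dealer.example,,Piet
dealer003,kees@dealer.example,Bakker,Kees,extra
DEALER001,eva@dealer.example,Visser,Eva
"""


def validate_import(text, max_users=MAX_USERS):
    """Return a list of problems in the CSV text; an empty list means it passed."""
    reader = csv.DictReader(io.StringIO(text))
    headers = [h.strip() for h in (reader.fieldnames or [])]
    problems, cols = [], []
    for pair in REQUIRED:
        found = [h for h in pair if h in headers]
        cols += found[:1]
        if not found:
            problems.append("missing column: " + " or ".join(pair))
    if problems:
        return problems  # rows cannot be checked without the key columns
    seen, rows = {cols[0]: set(), cols[1]: set()}, 0
    for raw in reader:
        rows, line = rows + 1, reader.line_num
        if None in raw:  # more fields than headers, e.g. an unquoted comma
            problems.append(f"line {line}: more fields than headers")
            continue
        row = {k.strip(): (v or "").strip() for k, v in raw.items()}
        problems += [f"line {line}: empty {c}" for c in cols if not row[c]]
        # Assumption: login names and e-mails are compared case-insensitively.
        for col in seen:
            key = row[col].lower()
            if key and key in seen[col]:
                problems.append(f"line {line}: duplicate {col}")
            seen[col].add(key)
    if rows > max_users:
        problems.append(f"{rows} rows exceeds the {max_users}-user limit")
    return problems


if __name__ == "__main__":
    print("\n".join(validate_import(SAMPLE)) or "ok")
```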

1.3 Create users programmatically via API

The following APIs can be used to create, update and delete users.

  • Identity Directory Service [https://api.sap.com/api/IdDS_SCIM/overview]
  • Identity Authentication Service [https://api.sap.com/api/IAS_SCIM/overview]

Tenant administrator credentials can be used to authenticate with these APIs.


2. Search users

2.1 Search users in the administration console

Users can be searched in the administration console by attributes such as first name, last name, e-mail address or SCIM ID.


2.2 Search users via API


3. List and edit user details

The following options are offered for listing and editing user details:

  • List a specific user and edit the information about that user via the administration console
  • List and update user details via API
  • Update user details via a CSV file import
  • Manage user password via the administration console


4. Delete users

Users can be deleted via the administration console, or programmatically via API.


5. Manage the user group assignment

Tenant administrators can create groups. A group is a collection of users. Groups serve to create sets of users who have something in common.

Groups can be assigned to and unassigned from users via the administration console for SAP Cloud Identity Services.


SAP Cloud Identity Services, with the Identity Authentication Service, offers an elegant solution for user management. By delegating identity authentication to an identity provider, businesses simplify and secure their user management processes. The Identity Authentication Service, when integrated with SAP BTP, revolutionizes how organizations control, secure, and enhance the user experience within their digital ecosystem. It’s a dynamic partnership that empowers businesses to navigate the ever-evolving digital landscape with ease.
