Does anyone have experience using SAML and authenticating against an odata service?
Hi there, does anyone have experience using SAML and authenticating against an odata service? I.e. I'd like to use the username of the logged in user and use this user + pass to call an odata service in SAP (and therefor be able to create documents). No, we do not have Sap CC or CP - @Laurens Steffers
Community Slack Question
You shouldn't do this: you do not have the user's password (since authentication takes place at the IdP). If you want to store passwords, they need to be in a reversible format (so that you can send them to SAP) and this isn't recommended from a security perspective. There are scheme's to do this (you can e.g. Google 'SAML on behalf of'), but most of the ways result in passing tokens, instead of usernames + passwords. - @ Rom van Arendonk