Onboarding the SAP Business Technology Platform

Use this task to provision users from Verify to SAP Business Technology Platform adapter.

Procedure

  1. Log in as administrator on Verify.
  2. Navigate to the profile icon and click Switch to admin.
  3. Select Applications > Applications and click Add application.
  4. Search application type as SAP Business Technology Platform from pop up and click Add application.
  5. In the Add applications page, select the General tab specify the required details.
  6. Select the Account lifecycle tab.
  7. Specify the provisioning and deprovisioning policies.
    Parameters Description
    Provision accounts

    Provision accounts are Disabled by default, which means the account creation is performed outside of IBM® Security Verify.

    Select the Enabled option in order to automatically provision an account when the entitlement is assigned to a user. Password generations and email notification features are available for the account created using IBM Security Verify.

    Deprovision accounts

    Deprovision accounts are Disabled by default, which means account removal is performed outside of IBM Security Verify.

    Select the Enabled option in order to automatically deprovision an account when entitlement is removed from a user.

    Grace period (days) Set the grace period in days for which deprovisioned account is kept as suspended before deleting it permanently.
    Deprovision action Select what happens when the grace period is up after deletion. Delete the account or suspend it. The field is available only if the deprovision account field is enabled.
  8. Specify the API authentication details.
    Parameters Description
    Instance name Specify the SAP Cloud Identity Services instance name. If the SAP Business Technology Platform Instance URL is https://myInstance.com/admin, then use myInstance.com as the value for Instance name .
    Client ID Specify the Client ID obtained from the tenant administration console setup.
    Client Secret Specify the Client Secret obtained from the tenant administration console setup.
  9. Click Test Connection to test the connection to the SAP Business Technology Platform adapter. The connection needs to be successful to provision or reconcile accounts on the SAP Business Technology Platform application.
  10. Map the target SAP Business Technology Platform attributes to the Verify attributes as needed. Select the Keep updated check box for the attributes that need to be updated on the target.
  11. Select the Account sync tab.
  12. In the Adoption policy section, add one or more attribute pairs that need to match for the account sync process to assign SAP Business Technology Platform accounts to their respective account owners on Verify.
  13. In the Remediation Policies section, choose a remediation policy to remediate non-compliant accounts automatically.
  14. Click Save.
  15. After the application is saved, specify the authorization policy on the Entitlements tab.