Connecting to SAP Integration Suite /Cloud Foundry without S-User

Connecting to SAP Integration Suite /Cloud Foundry without S-User

To connecto SAP Cloud Foundry we have enabled a new way of connecting using SAML. This is because the public APIs of SAP Cloud Integration is not as good as the private APIs used in the Web. 

You can read more about the a setup and security behind it here. 

The guide video that shows how to connect Figaf to an Integraiton Suite system. 

Here you can see an end to end configuration of the Integration Suite

How to configure the custom IDP

You will need to create service keys for both the public API and for the message sent if you need to test messages on the platform.

Step 1: Download SAML Metadata from your SAP Cockpit:

Step 2: Copy value related to <md:AssertionConsumerService Binding=”urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST” Location=

Step 3: Open Agent Dialog and enable Use custom IdP checkbox. Paste SSO Url from the previous step. Save the Agent

Step 4: Generate Entity Descriptor for the Agent:

Step 5: Go back to the SAP Cockpit and upload this file as a new Trust configuration:

Step 6: Add Role collection mappings for the IdP: PI_Administrator, PI_Business_Expert, PI_Integration_Developer.

Step 7: If Figaf now try to check connection by pressing Test Connection

Step 8: After you have validated the process work, you can remove the check mark for “Available for User Logon”. This way, you will not receive the request to login.


    • Related Articles

    • Create Service Keys for SAP CPI Cloud Foundry

      For SAP CPI Cloud Foundry you have an option to use Service Keys to send messages. The Figaf Tool will not test the properties are correct before running tests.  We need to create keys for both API and for Integration flow API access To create a ...
    • How to add MessagingSend Role to a Cloud Foundry user

      If you are using SAP Cloud Integration on Cloud Foundry then you probably have noticed you cannot add the default ESBMessage Send (MessagingSend) role to your user. You will need to create a role collection to support this.  In your BTP cockpit go to ...
    • Create a git repository for SAP Cloud Integration

      In this guide you will see how you can create a git repository for your SAP CPI/Cloud Integration system.  Before you start you need 1. Have installed Figaf 2. Have connected it with a SAP CPI tenant 1. Create a git repository on forinstance github ...
    • Configure CPI agents

      The future way to connect is the following. Here you don't need a S-User. You just need the API keys as specified below.  Connecting to SAP Integration Suite /Cloud Foundry without S-User Figaf tool supports both CPI platforms: Neo and Cloud Foundry. ...
    • How to install Figaf to handle SAP PI to CPI migrations

      This guide shows you how to install the Figaf Suite, and enables you to create your first SAP PI to CPI migration.  It is recommended that you follow along in the video.  ​ Install the Tool Registered for the Trial on Figaf  and you will get the ...