After you have activated your trial account for SAP BTP with access to the BTP Cockpit and the SAP Cloud Identity Services trial with access to the SAP Cloud Identity Services administration console you are set for the next steps.
We expect that you have created a trial subaccount in your SAP BTP trial account cockpit.
We also expect that you have enabled the Cloud Foundry Environment.
Finally, you have installed on your mobile device a time-based one-time password (TOTP) authentication application (such as Google Authenticator or Microsoft Authenticator).
Following the blog post to setup the SAP Cloud Identity Services trial you have already established the trust configuration in your BTP trial subaccount, which adds the trial identity provider for applications to enable users from your trial identity provider to log on to applications consumed in this subaccount.
-
Logon to your personal SAP BTP trial account cockpit with the user you used to activate the account. Go to the SAP BTP Trial page and click Log On.
-
You will see one main button on the welcome screen of the SAP BTP cockpit. Click on Go To Your Trial Account to navigate to your global account.
Bookmark the link for fast and quick access to the BTP cockpit. -
Navigate to the subaccount by clicking on the tile.
Note: If the tile is disabled then you may have to add yourself as subaccount administrator.
- Check if the Cloud Foundry runtime is enabled in the subaccount. If it is not enabled, click on Enable Cloud Foundry. This may take some seconds. This page displays the current state of the subaccount. You can manage your subscriptions and jump into the different runtime environments. It also shows you fundamental information of the Cloud Foundry environment, such as the API endpoint and the available spaces.
-
Check the trust configuration for application users.
Navigate in the BTP Cockpit to Trial HOME --> your initial subaccount (e.g. trial) --> Security --> Trust Configuration
Check if the Custom Identity Provider for applications is configured. If not, then go back to the preparations and follow the blog post SAP Cloud Identity Services offered as Trial Version on how to configure it.
- To logon to your personal identity provider, navigate in your subaccount to Instances and Subscriptions. Click on the icon next to the subscribed application Cloud Identity Services, which says Go to Application when you hover over it. A new window opens with your SAP Cloud Identity Services trial account cockpit.
- Bookmark the link for fast and quick access to the SAP Cloud Identity Services cockpit.
- In the SAP Cloud Identity Services administration console --> Applications & Resources --> Applications you will see the trust configuration that was established by your BTP trial account. It is called SAP BTP subaccount trial.
Applications you deploy in your BTP subaccount can now delegate authentication to the SAP Cloud Identity Services tenant you just created. And in the SAP Cloud Identity Services administration console you may configure the various options for authentication and multi-factor authentication.
- Log out of the SAP Cloud Identity Services administration console.
Now that you have checked all the prerequisites and have access to both administration cockpits, SAP BTP cockpit and the SAP Cloud Identity Services cockpit,
Continue to - Exercise 1 - Enable Multi-Factor Authentication for applications