Documente Academic
Documente Profesional
Documente Cultură
Provisioning Your SAP HANA Cloud Portal for SAP Cloud for
Customer Partner Channel Management
Table Of Contents
1 Provisioning Your SAP HANA Cloud Portal for SAP Cloud for Customer Partner
Channel Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
If your solution includes integration with the SAP HANA Cloud Portal, then you can provision it to interact with Partner
Channel Management (PCM) in your SAP Cloud for Customer solution.
For information related to administration of the portal itself, refer to the SAP HANA Cloud Portal Documentation .
All technical documentation to set up, configure, integrate, secure, and operate your solution is published in
English only. To ensure that you are reading the latest technical content, download it from SAP Service
Marketplace .
Prerequisites
SAP Cloud Services has set up and configured the integration between your SAP Cloud for Customer system and
the SAP HANA Cloud Portal, a separately licensed solution.
For information on integrating your SAP Cloud for Customer system with SAP HANA Cloud Portal, contact your SAP
Cloud Services representative.
Tasks
i. On the General tab, change the User ID Source to attribute and the Source Value to mail.
j. On the Attributes tab, choose Add Assertion-Based Attribute, then add the following attribute mapping.
first_name firstname
last_name lastname
mail email
Upon completing this procedure, you should be able to log on to the SAP HANA Cloud Portal space with the user ID
(that is, e-mail) that was assigned to it when the customer's account was provisioned.
If you cannot log on with this user ID, ensure that it has been added to the SCI account by visiting the SCI
administrator page and uploading the user and user details in a .csv file format.
Create Trust Between the Customer Account and the SCI API
For the SAP ID invitation flow scenario, proceed as follows to create trust between the customer account and the
SCI API.
1. Create a signed certificate by a KeyStore Tool or by CA.
2. Open a KeyStore Explorer application, then proceed as follows.
a. Choose Create a new KeyStore.
b. Specify the JKS type.
c. Choose Tools Import Key Pair .
d. Choose PKCS #12.
e. In the Decryption Password field, specify the certificate password, then choose the certificate file.
f. Choose an alias, or accept the default setting.
g. When you are prompted to choose a new password, enter the original certificate password.
h. Save the .jks file with the file name sapid.jks.
i. When you are prompted to choose a new password, enter, again, the original certificate password.
3. In the SAP HANA Cloud Platform Cockpit, open the customer account.
a. Choose Destinations.
b. Upload the sapid.jks file.
4. Open your SCI IDP account.
a. Choose Certificate for API Authentication.
b. Upload the public part of the P12 certificate that you created, which is determined as follows:
● Open Microsoft Internet Explorer®.
● Choose Internet Options Content Certificates Import .
Create Trust Between the Customer Account and SAP Cloud for Customer
For the SAP Cloud for Customer invitation flow scenario, proceed as follows to create trust between the customer
account and SAP Cloud for Customer.
1. Open the trust management settings of the SAP HANA Cloud Platform customer account.
a. Copy the entry in the Local Provider Name field.
b. Copy the entry in the Signing Certificate field, and save it in .cer format.
2. Within a separate browser window, log on to SAP Cloud for Customer in the Microsoft Silverlight® client with
administrator authorizations.
a. In the Administrator work center, under Common Tasks, choose Configure OAuth 2.0 Identity Provider.
● Choose New OAuth 2.0 Provider .
● In the Issuing Entity Name field, paste the entry that you copied in step 1a. of the current task.
● From the Primary Signing Certificate field, choose Browse to locate the file in .cer format that you
saved in step 1b. of the current task.
● Select the E-Mail Address checkbox.
● Choose Submit .
b. Choose Administrator OAuth 2.0 Client Registration .
● Choose New .
● Specify the client secret, client description, and token lifetime (in seconds).
● In the Issuer Name field, use the dropdown list to specify the identity provider that you created in
step 2a. of the current task.
● Choose Save and Close .
Replace any text denoted in red with the information that pertains to your solution.
b. C4C
This destination is used for connecting to SAP Cloud for Customer during its invitation flow scenario,
and consists of the following parameters.
Replace any text denoted in red with the information that pertains to your solution.
Replace NNNNNN with the numbers that are associated with the URL of your SAP Cloud for
Customer tenant.
Name=C4C
Type=HTTP
URL=https://myNNNNNN.crm.ondemand.com
ProxyType=Internet
Cloud Connector Version=2
Authentication=OAuth2SAMLBearerAssertion
Audience=myNNNNNN.crm.ondemand.com
Client Key=[OAuth client ID from SAP Cloud for Customer]
Token Service URL=https://myNNNNNN.crm.ondemand.com/sap/bc/sec/oauth2/token?
sap-client=[client number]
Token Service User=[OAuth client ID from SAP Cloud for Customer]
Token Service Password=[password specified in Client Key field during SAML
client configuration]
authnContextClassRef=urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession
nameIdFormat=urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
scope=UIWC:CC_HOME
c. C4C Public
This destination is used for connecting to SAP Cloud for Customer during an anonymous scenario on a
public site, and consists of the following parameters.
Replace any text denoted in red with the information that pertains to your solution.
Replace NNNNNN with the numbers that are associated with the URL of your SAP Cloud for
Customer tenant.
d. c4c_pcmpublic
This destination is used for connecting the PCM public site with the relevant PCM HTML5 application.
Replace any text denoted in red with the information that pertains to your solution.
Name=c4c_pcmpublic
Description=destination to public self-registration widget
URL=[URL of the customer account subscription to the pcmpublic Helium
application]
ProxyType=Internet
Type=HTTP
Cloud Connector Version=2
Authentication=NoAuthentication