{"id":838,"date":"2019-05-07T13:27:59","date_gmt":"2019-05-07T11:27:59","guid":{"rendered":"https:\/\/sast-blog.akquinet.com\/?p=838"},"modified":"2020-07-24T09:42:25","modified_gmt":"2020-07-24T07:42:25","slug":"sod-free-user-management-via-web-services","status":"publish","type":"post","link":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/","title":{"rendered":"SoD-Free User Management via Web Services"},"content":{"rendered":"

\"SASTManaging a large number of user accounts often presents companies with a major challenge. It\u2019s particularly difficult when user identities need to be maintained in several systems, directory services, or databases. This frequently results in a lack of transparency, conflicts in the segregation of duties (SoD), and an increase in the effort required to address them.<\/p>\n

<\/p>\n

In the past, SAP environments provided access to the Central User Administration (CUA) as a means of managing users in a central system. For years, CUA was the only system that made it possible to manage users centrally in SAP. These days, however, this feature has been designated for gradual replacement by SAP Identity Management (SAP IDM). Customers are being advised to switch to the new system, as SAP has discontinued the further development of CUA (the final version is based on SAP NetWeaver 7.1).<\/p>\n

Of course, the need to keep one’s systems up-to-date would already be a good reason to make the move. For those who want to be prepared for the innovations ahead and stay on the cutting edge, the transition to SAP IDM is practically a matter of course.<\/p>\n

Assignments without SoD conflicts already possible when requesting new users<\/strong><\/h2>\n

Many of our customers are switching to IDM systems in user management, and offerings from providers other than SAP are also in use.<\/p>\n

One key challenge in this regard involves assigning authorizations without causing SoD conflicts. SAST SUITE gives our customers the ability to identify the SoD conflicts a given situation would cause right when a new user or authorizations are requested. The roles to be assigned are handed over to SAST via a web service and tested against a proven set of checking rules. The requester then receives an overview of all the SoD conflicts that can be expected for the user in question.<\/p>\n

Real-time checking of critical authorizations<\/strong><\/h2>\n

\u00a0\"SAP<\/strong><\/p>\n

SAST makes it possible to assess risks and identify when critical authorizations are being assigned in real time \u2013 even early on in the request process. It supports all scenarios involving SAP IDM and SAP Access Control. SAST interfaces with these solutions via web services or its own API; we can easily accommodate customer-specific scenarios, as well. Our SoD checking rulesets detect SoD conflicts in a fast, direct manner, which reduces the overall amount of time required to assign authorizations. Plus, the checks involved can be integrated directly into your IDM workflow.<\/p>\n

Would you like more information on our SAST SUITE or would you like to find out more about ALL ROUND protection of your SAP systems? Check out our SAST SOLUTIONS website<\/a> or send us an e-mail us at sast@akquinet.de<\/a>.<\/p>\n

\"Andreas
\nAndreas Leisegang, SAST SOLUTIONS<\/strong><\/p>\n

\u00a0<\/strong><\/p>\n

Related articles in the SAST BLOG<\/strong><\/h2>\n

Authorizations for batch processing in NetWeaver and S\/4HANA environments<\/a><\/p>\n

How can I quickly migrate SAP custom code to S\/4HANA?<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Managing a large number of user accounts often presents companies with a major challenge. It\u2019s particularly difficult when user identities need to be maintained in several systems, directory services, or databases. This frequently results in a lack of transparency, conflicts in the segregation of duties (SoD), and an increase in the effort required to address […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[67,44,64,68,103],"class_list":["post-838","post","type-post","status-publish","format-standard","hentry","category-sap-authorizations-grc","tag-identity-management","tag-managed-services","tag-role-management","tag-sap-authorizations","tag-sod"],"yoast_head":"\nSoD-Free User Management via Web Services<\/title>\n<meta name=\"description\" content=\"SAST allows risk analysis and recognition of critical authorization assignments in real time already during application - via web services or your own API.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SoD-Free User Management via Web Services\" \/>\n<meta property=\"og:description\" content=\"SAST allows risk analysis and recognition of critical authorization assignments in real time already during application - via web services or your own API.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/\" \/>\n<meta property=\"og:site_name\" content=\"SAST BLOG\" \/>\n<meta property=\"article:published_time\" content=\"2019-05-07T11:27:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-07-24T07:42:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png\" \/>\n\t<meta property=\"og:image:width\" content=\"500\" \/>\n\t<meta property=\"og:image:height\" content=\"334\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"securityblog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"SoD-Free User Management via Web Services\" \/>\n<meta name=\"twitter:description\" content=\"SAST allows risk analysis and recognition of critical authorization assignments in real time already during application - via web services or your own API.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"securityblog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/\"},\"author\":{\"name\":\"securityblog\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/person\\\/cd70e3749cca136a7e8a37dc1d3cfc26\"},\"headline\":\"SoD-Free User Management via Web Services\",\"datePublished\":\"2019-05-07T11:27:59+00:00\",\"dateModified\":\"2020-07-24T07:42:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/\"},\"wordCount\":478,\"publisher\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/motiv_es_sast-uam_150dpi_1701-e1518632763164-300x200.png\",\"keywords\":[\"Identity Management\",\"Managed Services\",\"Role Management\",\"SAP Authorizations\",\"SoD\"],\"articleSection\":[\"SAP Authorizations & GRC\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/\",\"name\":\"SoD-Free User Management via Web Services\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/motiv_es_sast-uam_150dpi_1701-e1518632763164-300x200.png\",\"datePublished\":\"2019-05-07T11:27:59+00:00\",\"dateModified\":\"2020-07-24T07:42:25+00:00\",\"description\":\"SAST allows risk analysis and recognition of critical authorization assignments in real time already during application - via web services or your own API.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/#primaryimage\",\"url\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/motiv_es_sast-uam_150dpi_1701-e1518632763164-300x200.png\",\"contentUrl\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/motiv_es_sast-uam_150dpi_1701-e1518632763164-300x200.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/07\\\/sod-free-user-management-via-web-services\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SoD-Free User Management via Web Services\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#website\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/\",\"name\":\"SAST BLOG\",\"description\":\"SAP Security & Compliance\",\"publisher\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#organization\",\"name\":\"SAST BLOG\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/sast-solutions-logo.png\",\"contentUrl\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/sast-solutions-logo.png\",\"width\":358,\"height\":155,\"caption\":\"SAST BLOG\"},\"image\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/person\\\/cd70e3749cca136a7e8a37dc1d3cfc26\",\"name\":\"securityblog\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SoD-Free User Management via Web Services","description":"SAST allows risk analysis and recognition of critical authorization assignments in real time already during application - via web services or your own API.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/","og_locale":"en_US","og_type":"article","og_title":"SoD-Free User Management via Web Services","og_description":"SAST allows risk analysis and recognition of critical authorization assignments in real time already during application - via web services or your own API.","og_url":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/","og_site_name":"SAST BLOG","article_published_time":"2019-05-07T11:27:59+00:00","article_modified_time":"2020-07-24T07:42:25+00:00","og_image":[{"width":500,"height":334,"url":"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png","type":"image\/png"}],"author":"securityblog","twitter_card":"summary_large_image","twitter_title":"SoD-Free User Management via Web Services","twitter_description":"SAST allows risk analysis and recognition of critical authorization assignments in real time already during application - via web services or your own API.","twitter_image":"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png","twitter_misc":{"Written by":"securityblog","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/#article","isPartOf":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/"},"author":{"name":"securityblog","@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/person\/cd70e3749cca136a7e8a37dc1d3cfc26"},"headline":"SoD-Free User Management via Web Services","datePublished":"2019-05-07T11:27:59+00:00","dateModified":"2020-07-24T07:42:25+00:00","mainEntityOfPage":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/"},"wordCount":478,"publisher":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#organization"},"image":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/#primaryimage"},"thumbnailUrl":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164-300x200.png","keywords":["Identity Management","Managed Services","Role Management","SAP Authorizations","SoD"],"articleSection":["SAP Authorizations & GRC"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/","url":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/","name":"SoD-Free User Management via Web Services","isPartOf":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/#primaryimage"},"image":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/#primaryimage"},"thumbnailUrl":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164-300x200.png","datePublished":"2019-05-07T11:27:59+00:00","dateModified":"2020-07-24T07:42:25+00:00","description":"SAST allows risk analysis and recognition of critical authorization assignments in real time already during application - via web services or your own API.","breadcrumb":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/#primaryimage","url":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164-300x200.png","contentUrl":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164-300x200.png"},{"@type":"BreadcrumbList","@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/07\/sod-free-user-management-via-web-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sast-solutions.com\/blog-en\/"},{"@type":"ListItem","position":2,"name":"SoD-Free User Management via Web Services"}]},{"@type":"WebSite","@id":"https:\/\/sast-solutions.com\/blog-en\/#website","url":"https:\/\/sast-solutions.com\/blog-en\/","name":"SAST BLOG","description":"SAP Security & Compliance","publisher":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sast-solutions.com\/blog-en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sast-solutions.com\/blog-en\/#organization","name":"SAST BLOG","url":"https:\/\/sast-solutions.com\/blog-en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/logo\/image\/","url":"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2021\/03\/sast-solutions-logo.png","contentUrl":"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2021\/03\/sast-solutions-logo.png","width":358,"height":155,"caption":"SAST BLOG"},"image":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/person\/cd70e3749cca136a7e8a37dc1d3cfc26","name":"securityblog"}]}},"_links":{"self":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts\/838","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/comments?post=838"}],"version-history":[{"count":1,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts\/838\/revisions"}],"predecessor-version":[{"id":840,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts\/838\/revisions\/840"}],"wp:attachment":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/media?parent=838"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/categories?post=838"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/tags?post=838"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}