from sap idm to one identity the preferred path for seamless migration

SAP recently announced the end-of-life for SAP Identity Manager (IDM). This announcement required SAP to establish guidelines for existing customers to transition away from the platform with other products. One Identity is a leading vendor of choice for this migration due to its well-established market presence and robust SAP solutions support. In this two-part blog series, we will shed some light on how One Identity can seamlessly integrate with SAP products, starting with its certified ABAP connector.

Meeting rigorous requirements 

One Identity was challenged by SAP with a stringent set of requirements to establish that the One Identity Manager solution can support SAP customers for not only migration away from SAP IDM, but also provide support for various other SAP products, including SAP FieldGlass, SAP SuccessFactors and SAP Cloud Identity Services. Leveraging an SAP-certified ABAP connector, One Identity ensures compatibility with the data model of integrated SAP products, as endorsed by SAP. 

Support beyond SAP S/4 HANA 

While SAP S/4 HANA was highlighted, One Identity's capabilities extend to any SAP system supporting ABAP or SCIM, including SAP IDM and SAP SuccessFactors. This means that an SAP customer who utilizes One Identity Manager can take advantage of all the advanced capabilities provided, including identity lifecycle management, identity governance, attestation and separation of duties (SoD) control, application governance, behavior driven governance, compliance and audit reporting, self-service access and more.  

Certified connectors for hybrid environments 

In addition to these core capabilities, Identity Manager comes with a vast array of certified connectors and connector methods for establishing reliable and scalable IGA capabilities to hundreds of systems. This includes SAP customers who are already in a hybrid world and utilizing RISE to migrate services to the cloud or utilizing SAP's classic on-prem products. 

Comprehensive support for SAP ecosystem 

One Identity Manager also supports SAP IAG (or in some cases, replace it) and directly integrates applications on the SAP Business Technology Platform (SAP BTP). For customers utilizing SAP SuccessFactors, SAP Concur, SAP Ariba and other cloud-hosted solutions, they can also be managed with One Identity Manager.

Per figure 1 below, One Identity integrates at several different points in the SAP ecosystem.

One Identity integrates at several different points in the SAP ecosystem.

Fig 1


Leveraging One Identity solutions within SAP product environments offers a comprehensive suite of identity governance and administration (IGA), access management (AM) and privileged access management (PAM) capabilities. Per the referenced architecture, whether on-premises or in the cloud, these solutions strengthen identity security postures for SAP customers, ensuring robust protection regardless of the consumption model or where you choose to host your SAP products. 

Blog Post CTA Image

Related Content