Home
SCP Configurations after Installing Innovapptive Products
This section guides you with the required SCP Configurations after installing Innovapptive Mobile Products.
Configure SAML Authentication
Configure Innovapptive products on SCP Server and set up SAML Authentication mechanism to validate users. Also, validate users to backend servers using Principal Propagation.
Establish trust between SCP and ADFS

Title and Copyright
Copyright and Terms of Use for the Post Install or Post Upgrade Configurations Guide for mAssetTag, mWorkOrder, mInventory, mServiceOrder, mWorkList and all other solutions of Connected Workforce Platform^TM .
Preface
Understand audience, know related documents and products and conventions followed in this document.
Post-Install or Post-Upgrade Configurations for Innovapptive Products
This guide contains instructions for post install or post upgrade configurations for both SCP and SMP environments. Depending on the platform you are on, choose your configuration path.
SCP Configurations after Installing Innovapptive Products
This section guides you with the required SCP Configurations after installing Innovapptive Mobile Products.
- Configure HTTP/HTTPs Authentication
  Configure Innovapptive products on SCP Server and set up HTTP/HTTPs authentication mechanism to validate users. Also, validate users to backend servers using Principal Propagation.
- Configure SAML Authentication
  Configure Innovapptive products on SCP Server and set up SAML Authentication mechanism to validate users. Also, validate users to backend servers using Principal Propagation.
  - Establish trust between SCP and ADFS
  - Add SCP Metadata to ADFS
    After you download Metadata file from SCP, log in to ADFS 2.0 server and copy the Metadata file to Desktop.
  - Add ADFS Metadata to SCP
    To complete trust between SCP and ADFS, you must also add ADFS metadata to SCP.
  - Add Roles to access SCP Development and Operations Cockpit
    Once SAML is enabled, you cannot login with S-User ID. All services and applications are redirected to ADFS for SAML Authentication. Hence, roles added to SCP Development and Operations help users from ADFS to login for administration or development tasks.
  - Configure Cloud Connector to accept SAML Assertion Token
    As Innovapptive servers are set up at various environments, such as Public Cloud and Corporate Network, you use Cloud Connector to securely transmit data from different environments. It is required to establish trust between SCP, Cloud Connector and SAP Gateway System which is on the Corporate Network.
  - Create New Application using SAML Authentication
  - Define SAML SCP Client Password Policy
    Define the client password policy that is used to unlock the DataVault for the applications. Application developers must add code to the DataVault to enforce the client password policy. An administrator must enter the application password policy to unlock the DataVault during application initialization.
- Integrate SCP with Azure AD
- Configure Push Notifications for SCP
  Field workers gets an alert when an item to which he /she is tagged to is created or modified. However, if the app is not launched on the device, they do not receive these alerts. You must configure Push Notifications to send the alerts to the workers even when the app is not opened in the device.
- Manage Resource File in SCPms
  Resource File in SCP helps you centrally administer and manage common settings.
SMP Configurations after Installing Innovapptive Products
This section guides you with the required SMP Configurations after installing Innovapptive Mobile Products.
Configure Roles and Authorization for Products
Configure roles and provide authorizations to do tasks using Innovapptive products.

Establish trust between SCP and ADFS

To establish trust between SCP and ADFS:

Log in to SAP Cloud Platform (SCP).
Go to SCP Account, Security, Trust.
See that Trust Management and Configuration Type are set to Default, which works on SAP S- User ID or SCN ID.
Click Edit and make the following changes:
- Configuration Type: Custom (Enables to Add Trust connection).
- Local Provider Name: https://hanatrial.ondemand.com/s0015864207trial (should be generated automatically from SCP. URL will be different for each instance based on its ID).
- Signing Key: If the Signing Key is blank, click Generate Key Pair.
- Signing Certificate: If the Signing Certificate is blank, click Generate Key Pair.
- Principal Propagation Enabled.
- Force Authentication: Disabled.
Click Get Metadata link and save it as a local file.
This allows you to add a new Trust Relaying Party in ADFS.