Principal propagation in an HTTPS scenario

Principal propagation setup between SAP Cloud Platform and an on-premise backend system.

for whom?

Companies developing SAP cloud applications who want to control access in a more efficient way.



We offer a way in which developers can create cloud applications that use information from an on-premise backend system.


  • SECURITY: multiple platforms, one identity
  • INTEGRATE: integrate your on-premise systems into cloud applications

Can we help you?

Contact us

Value Proposition

A user will log in initially to a cloud application using Active Directory credentials. With FioriLaunchpad, clicking on the tile will pass the x509 short-lived certificate to the backend system and authenticate the user. If the user IDs in the backend and Active Directory are different, it is possible to perform user mapping based on other user parameters such as email address.

Our references

Pricing Plan

Core components installation


Limited to 3 man days (per year)

Packaged consulting service

Kickstart project by determining requirements

Installing cloud connector

Configuring principal propagation

Testing in dev environment

Publish changes to production

Testing configuration


Add authentication methods


Limited to 2 man days (per year)

Packaged consulting services

Determining authentication options

Installing additional components

Maintain users in backend

Configure principal propagation using new authentication method

Testing in dev environment

Publish changes to production

Testing configuration

Start requirements

Cloud connector, principal propagation


Our expert

Arne Feys

Arne is active within delaware since 2018. During his time at delaware he has focused the operations aspect of innovative enterprise cloud applications and in particular SAP Cloud Platform.

Contact us

  • (*) this field is required