Principal propagation in an HTTPS scenario

Principal propagation setup between SAP Cloud Platform and an on-premise backend system.

for whom?

Companies developing SAP cloud applications who want to control access in a more efficient way.


We offer a way in which developers can create cloud applications that use information from an on-premise backend system.


  • SECURITY: multiple platforms, one identity
  • INTEGRATE: integrate your on-premise systems into cloud applications

Can we help you?

Contact us

Value Proposition

A user will log in initially to a cloud application using Active Directory credentials. With FioriLaunchpad, clicking on the tile will pass the x509 short-lived certificate to the backend system and authenticate the user. If the user IDs in the backend and Active Directory are different, it is possible to perform user mapping based on other user parameters such as email address.

Our references

Pricing Plan

Core components installation


Limited to 3 man days (per year)

Packaged consulting service

Kickstart project by determining requirements

Installing cloud connector

Configuring principal propagation

Testing in dev environment

Publish changes to production

Testing configuration

Add authentication methods


Limited to 2 man days (per year)

Packaged consulting services

Determining authentication options

Installing additional components

Maintain users in backend

Configure principal propagation using new authentication method

Testing in dev environment

Publish changes to production

Testing configuration

Start requirements

Cloud connector, principal propagation

Our expert

Arne Feys

Arne has been active within delaware since 2018. During his time at delaware, he has worked in the SAP BC team. A few months ago, he shifted his focus to innovations in enterprise cloud application, particularly SAP Cloud Platform.

Contact us

  • (*) this field is required