Principal propagation in an HTTPS scenario

Principal propagation setup between SAP Cloud Platform and an on-premise backend system.

Companies developing SAP cloud applications who want to control access in a more efficient way.

SECURITY: multiple platforms, one identity
INTEGRATE: integrate your on-premise systems into cloud applications

Value Proposition

A user will log in initially to a cloud application using Active Directory credentials. With FioriLaunchpad, clicking on the tile will pass the x509 short-lived certificate to the backend system and authenticate the user. If the user IDs in the backend and Active Directory are different, it is possible to perform user mapping based on other user parameters such as email address.


We offer a way in which developers can create cloud applications that use information from an on-premise backend system.

Do you have a question?

Core components installation


Limited to 3 man days (per year)

Packaged consulting service

  • Kickstart project by determining requirements
  • Installing cloud connector
  • Configuring principal propagation
  • Testing in dev environment
  • Publish changes to production
  • Testing configuration

Add authentication methods


Limited to 2 man days (per year)

Packaged consulting services

  • Determining authentication options
  • Installing additional components
  • Maintain users in backend
  • Configure principal propagation using new authentication method
  • Testing in dev environment
  • Publish changes to production
  • Testing configuration

Our references

Contact our expert

Arne Feys

Arne is active within delaware since 2018. During his time at delaware he has focused the operations aspect of innovative enterprise cloud applications and in particular SAP Cloud Platform.

Error, please try again.

Your message has succesfully been received, we will contact you as soon as possible.

(*) this field is required