| |||||||||
SI-2050
Multi-factor authentication is a two-step verification process where users are required to authenticate themselves a second time using a time-based verification code. As compared to the single step authentication process, multi-factor authentication provides enhanced security.
Previously, suppliers attempting to sign in to SAP Ariba Developer Portal using the AN Supplier SSO Sign-in option were re-directed to the Ariba Network supplier sign-in page for authentication. However, it was just a one-step verification process.
With multi-factor authentication enabled, users are required to perform the two-step verification process to log into SAP Ariba Developer Portal.
Until recently Ariba Network did not provide a feature for multi-factor authentication, which would significantly improve login security when compared to existing user ID/password authentication. There was no verification mechanism to ensure that the individual logging in was indeed the account holder vs. a nefarious entity that had obtained a user’s credentials. Ariba Network customers were requesting that the applications provide a multi-factor mechanism for authentication that would be comparable to existing functionality that is provided by banking institutions.
The impact of the feature is that it will improve the security at login by forcing the logging-in user to enter in a digital token, from the authenticator app, associated to the user account. This will prevent unauthorized use of the associated account should a user’s login credentials become compromised. Enabling this functionality will significantly decrease the likelihood that a nefarious entity can successfully gain access to the SAP Ariba applications using compromised user account credentials.
Supplier
Automatically On
Gdy uwierzytelnianie wieloskładnikowe jest włączone dla organizacji, użytkownicy muszą zainstalować aplikację uwierzytelniającą, taką jak SAP Authenticator z iTunes (dla urządzeń iOS) lub Google Play (dla urządzeń z systemem Android), w swoich urządzeniach przenośnych w celu wygenerowania czasowego kodu weryfikacyjnego (zwanego również czasowym hasłem jednorazowym). Konfiguracja kodu weryfikacyjnego opartego na czasie jest również kompatybilna z zewnętrznymi programami uwierzytelniającymi, takimi jak Google Authenticator lub Microsoft Authenticator.
Brak zidentyfikowanych
SAP Ariba Supply Chain Collaboration 2108
SAP Business Network 2108