6/11/25, 2:43 PM

SAP Business Technology Platform

Generated on: 2025-06-11 14:43:44 GMT+0000

SAP Business Technology Platform (SAP BTP) | Cloud

Public

Original content: https://help.sap.com/docs/BTP/65de2977205c403bbc107264b8eccf4b?locale=en-

US&state=PRODUCTION&version=Cloud

Warning

This document has been generated from SAP Help Portal and is an incomplete version of the official SAP product documentation.
The information included in custom documentation may not reflect the arrangement of topics in SAP Help Portal, and may be
missing important aspects and/or correlations to other topics. For this reason, it is not for production use.

For more information, please visit https://help.sap.com/docs/disclaimer.

This is custom documentation. For more information, please visit SAP Help Portal. 1
 6/11/25, 2:43 PM

SAP Business Technology Platform

SAP Business Technology Platform (SAP BTP) is an integrated offering comprised of the following technology portfolios:
application development; process automation; integration; data, analytics, and enterprise planning; artificial intelligence. The
platform offers users the ability to turn data into business value, compose end-to-end business processes, connect entire IT
landscapes, and personalize, build and extend SAP applications. This reduces the overall total cost of ownership maintaining SAP
landscapes and third-party software across end-to-end business processes.

SAP BTP in the Intelligent Enterprise

Nowadays, companies need access to live data to make informed decisions in real time and apply advanced technologies and best
practices within agile, integrated business processes. That’s why a key part of SAP’s strategy is integrating end-to-end processes –
whether the solutions are from SAP, from partners, or from third parties.

At SAP, we drive integration across our solution portfolio, including the following business scenarios: lead to cash, source to pay,
design to operate, and hire to retire.

The SAP Business Technology Platform provides integration capabilities to ensure connected end-to-end business processes
across SAP and third-party applications. The following key aspects, called Suite Qualities, facilitate a consistent experience across
applications:

Seamless User Experience: SAP Fiori can be used to gain a common look and feel of many SAP solutions, which improves
user experience and reduces interruptions.

See: SAP Fiori .

Consistent Security and Identity Management: SAP Cloud Identity services on SAP BTP enable you to manage identities
and use the single sign-on capability across selected end-to-end processes.

See: SAP Cloud Identity Services on SAP BTP.

Aligned Domain Models, APIs and Events: Master Data Integration is a cloud service for master data integration. It provides
a consistent view on master data across a hybrid landscape. You can use APIs for process integration among SAP solutions,
SAP, and third parties, or by adopting an event-based integration strategy – all based on predefined integration content
available on SAP API Business Hub.

See: SAP One Domain Model , SAP Master Data Integration service , SAP Integration Suite on SAP BTP

Embedded Analytics across Solutions: The analytical insights in various SAP solutions helps you make informed decisions.
Embedded analytics from SAP Analytics Cloud are available e.g., in SAP S/4HANA and SAP SuccessFactors.

See: SAP Analytics Cloud on SAP BTP.

One Workflow Inbox: With the unified view of pending tasks across SAP solutions in both mobile and desktop environments,
you can complete tasks faster.

See: SAP Task Center on SAP BTP, SAP Mobile Start. For full workflow modeling and visibility capabilities leverage, see: SAP
Process Automation on SAP BTP

Coordinated Lifecycle Management: Harmonized provisioning, setup and operations, and monitoring solutions allow you to
optimize implementation projects and reduce manual integration configuration effort. Automated provisioning and guided
integration setup are available for selected scenarios in lead to cash, source to pay, recruit to retire, and design to operate.

See: SAP for Me , SAP CALM

This is custom documentation. For more information, please visit SAP Help Portal. 2
 6/11/25, 2:43 PM
End-to-End Process Blueprints: Process blueprints that follow the Industry Reference Architecture standard can help you
reduce planning effort for implementation projects and also support architecture decisions.

See: SAP API Business Hub

Related information:

SAP’s vision for the Intelligent Enterprise

SAP’s Integration Strategy whitepaper

SAP Integration Strategy community

About This Guide

Get an overview of the basic platform concepts of SAP BTP and how they relate to each other. Learn how to manage your accounts
and how to develop, extend, administer, and secure your cloud setup and applications on the platform.

 Tip
The English version of this guide is open for contributions and feedback using GitHub. This allows you to get in contact with
responsible authors of SAP Help Portal pages and the development team to discuss documentation-related issues. To
contribute to this guide, or to provide feedback, choose the corresponding option on SAP Help Portal:

Feedback Create issue : Provide feedback about a documentation page. This option opens an issue on GitHub.

Feedback Edit page : Contribute to a documentation page. This option opens a pull request on GitHub.

You need a GitHub account to use these options.

More information:

Contribution Guidelines

Introduction Video

Introduction Blog Post

More resources that you might find interesting:

Best Practices
Get onboarded to SAP BTP. Learn about basic concepts and see our best practices for your development projects, from setting up
the correct organizational structure to creating an account and security model, to developing and operating applications: SAP BTP
Administrator's Guide.

Services and Solutions

Get an overview on the availability of SAP BTP solutions and services according to region, infrastructure provider, and license
model. Access the service details pages for information on features, service plans, related tools, APIs, and documentation: SAP
Discovery Center: Service Catalog.

Neo Environment

This is custom documentation. For more information, please visit SAP Help Portal. 3
 6/11/25, 2:43 PM
To access the documentation for the Neo environment, see SAP BTP, Neo environment.

To learn more about why and how to migrate your scenarios in the Neo environment, see Migrating from the SAP BTP Neo
Environment to the Multi-Cloud Foundation.

All SAP BTP Resources

Access all of our resources on the product page: SAP Business Technology Platform (SAP BTP).

Basic Platform Concepts

SAP BTP offers users the ability to turn data into business value, compose end-to-end business processes, and build and extend
SAP applications quickly.

SAP Business Technology Platform is built on a multi-cloud foundation, which lets you choose from different infrastructures and
runtimes. The services and solutions of SAP BTP are available on multiple cloud infrastructure providers, and it supports different
runtimes, such as Cloud Foundry, ABAP, and Kyma, as well as multiple regions, and a broad choice of programming languages.

The central point of entry to the platform is the SAP BTP cockpit, where you can access your accounts and applications and
manage all activities associated with them.

Relationship between SAP BTP Accounts and Associated Activities

Solutions and Services

SAP BTP offers fast in-memory processing, sustainable, agile solutions and services to integrate data and extend applications,
and fully embedded analytics and intelligent technologies.

Services enable, facilitate, or accelerate the development of business applications and other platform services on SAP BTP.

For a complete list of services and capabilities, see SAP Discovery Center: Services .

This is custom documentation. For more information, please visit SAP Help Portal. 4
 6/11/25, 2:43 PM
For more information, see Solutions and Services.

Regions

You can deploy applications in different regions. Each region represents a geographical location (for example, Europe, US East)
where applications, data, or services are hosted.

Regions are provided either by SAP or by our Infrastructure-as-a-Service (IaaS) partners Amazon Web Services (AWS), Microsoft
Azure, Google Cloud, and Alibaba Cloud. The third-party region providers operate the infrastructure layer of the regions, whereas
SAP operates the platform layer and Cloud Foundry.

A region is chosen at the subaccount level. For each subaccount, you select exactly one region (that is one data center).

For more information, see Regions.

Environments
Environments constitute the actual platform-as-a-service offering of SAP BTP that allows for the development and administration
of business applications. Environments are anchored in SAP BTP on subaccount level.

SAP BTP provides the following environments:

Cloud Foundry Environment

The Cloud Foundry environment enables you to develop new business applications and business services, supporting
multiple runtimes, programming languages, libraries, and services. You can leverage a multitude of buildpacks, including
community innovations and self-developed buildpacks.

ABAP Environment

Within the Cloud Foundry environment, you can create a new space for ABAP development. This is what we refer to as the
ABAP environment. It allows you to create extensions for ABAP-based products, such as SAP S/4HANA Cloud, and develop

This is custom documentation. For more information, please visit SAP Help Portal. 5
 6/11/25, 2:43 PM
new cloud applications. You can transform existing ABAP-based custom code or extensions to the cloud.

Kyma Environment

SAP BTP, Kyma runtime provides a fully managed cloud-native Kubernetes application runtime based on the open-source
project "Kyma". Based on modular building blocks, Kyma runtime includes all the necessary capabilities to simplify the
development and to run enterprise-grade cloud-native applications.

Neo Environment

The Neo environment lets you develop HTML5, Java, and SAP HANA extended application services (SAP HANA XS)
applications. You can also use the UI Development Toolkit for HTML5 (SAPUI5) to develop rich user interfaces for modern
web-based business applications.

 Remember
SAP Business Technology Platform, Neo environment will sunset on December 31, 2028, subject to terms of customer
or partner contracts.

For more information, see SAP Note 3351844 .

Enterprise and Trial Accounts

SAP BTP provides different types of global accounts, enterprise and trial. The type you choose determines pricing, conditions of
use, resources, available services, and hosts.

A trial account lets you try out the platform for free. Access is open to everyone. Trial accounts are intended for personal
exploration, and not for production use or team development. They allow restricted use of the platform resources and
services.

For more information, see Trial Accounts and Free Tier.

An enterprise account is usually associated with one SAP customer or partner and contains their purchased entitlements
to platform resources and services. It groups together different subaccounts that an administrator makes available to users
for deploying applications.

For more information, see Enterprise Accounts.

Commercial Models
SAP BTP offers two different commercial models:

Consumption-based commercial model: Your organization receives access to all current and future services that are
eligible for this model. You have complete flexibility to turn services on and off and to switch between services as your

This is custom documentation. For more information, please visit SAP Help Portal. 6
 6/11/25, 2:43 PM
business requires throughout the duration of your contract. This commercial model is available in the following flavors: SAP
BTP Enterprise Agreement (SAP BTPEA), Cloud Platform Enterprise Agreement (CPEA), and Pay-As-You-Go for SAP BTP.

For more information, see What Is the Consumption-Based Commercial Model?

Subscription-based commercial model: Your organization subscribes only to the services that you plan to use. You can
then use these services at a fixed cost, irrespective of consumption.

For more information, see What Is the Subscription-Based Commercial Model?

Account Model

The SAP BTP cockpit is structured according to global accounts, directories, and subaccounts:

A global account is the realization of a contract you or your company has made with SAP. A global account is used to
manage subaccounts, members, entitlements and quotas. You receive entitlements and quotas to use platform resources
per global account and then distribute the entitlements and quotas to the subaccount for actual consumption. There are
two types of commercial models for global accounts: consumption-based model and subscription-based model. See
Commercial Models

With directories, you can organize and manage your subaccounts according to your technical and business needs.

In subaccounts, you deploy applications, use services, and manage your subscriptions. You can use them to manage
members, authorizations, and entitlements.

In the SAP BTP, Cloud Foundry environment, the subaccount is divided into one or more spaces, which is where application
development, deployment, and maintenance take place.

For more information, see Account Model.

Entitlements and Quotas

When you purchase an enterprise account, you’re entitled to use a specific set of resources, such as the amount of memory that
can be allocated to your applications.

This is custom documentation. For more information, please visit SAP Help Portal. 7
 6/11/25, 2:43 PM

On SAP BTP, all external dependencies such as databases, messaging systems, files systems, and so on, are services. In
this context, multitenant applications and environments are considered services.

Each service has one or more service plans available. A service plan is the representation of the costs and benefits for a
given variant of a particular service. For instance, a database may be configured with various "T-shirt sizes", each of which
is a different service plan.

An entitlement is your right to provision and consume a resource. In other words, entitlements are the service plans that
you're entitled to use.

A quota represents the numeric quantity of a service plan that you're entitled to consume in your global account and its
subaccounts.

For more information, see Entitlements and Quotas.

User and Member Management

On SAP BTP, user management takes place at all levels from global account to environment. There are different types of users,
such as depending on their roles in the company.

User accounts enable users to log on to SAP BTP, access subaccounts, and to use applications according to the permissions
granted to them. We distinguish between two types of users:

Platform users are usually developers, administrators or operators who deploy, administer, and troubleshoot accounts,
applications and services on SAP BTP.

Business users use the applications that are deployed to SAP BTP. For example, the end users of SaaS apps or services,
such as SAP Build Work Zone, or end users of your custom applications are business users.

This is custom documentation. For more information, please visit SAP Help Portal. 8
 6/11/25, 2:43 PM
Member management refers to managing permissions for platform users. A member is a user who is assigned to an SAP BTP
global account or subaccount. Administrators can add users to global accounts and subaccounts and assign roles to them as
needed. You can use predefined roles, for example the administrator role for managing subaccount members.

User management refers to managing authentication and authorization for your business users.

For more information, see User and Member Management.

Tools, Programming Models, Programming Languages, and APIs

SAP BTP provides various programming languages and tools for your development project:

SAP BTP includes many tools to help you develop and manage applications, and connect them to your on-premise systems.
For more information, see Tools.

SAP BTP supports many different programming languages; the availability of each depends on the development
environment you're using. For more information, see Programming Languages.

The SAP Cloud Application Programming Model offers a consistent end-to-end programming model that includes
languages, libraries, and APIs that are tailored for full-stack development on SAP BTP. For more information, see
Programming Models.

Depending on your use case, you can choose between different offerings for continuous integration and delivery. For more
information, see Continuous Integration and Delivery (CI/CD).

Discover and consume APIs to manage, build, and extend the core capabilities of SAP BTP. For more information, see APIs.

Getting Started
Once you're familiar with the basic concepts of SAP BTP, you can start your first workflows or check out further resources that
help you get started quickly.

Onboarding Guides

The SAP BTP Administrator's Guide helps you plan your development projects on SAP BTP from onboarding to SAP Cloud Identity
Services, through setting up the correct organizational structure, to creating an account and security model, to developing and
operating applications.

The SAP BTP Developer’s Guide helps you define the correct methodologies and tools for your development project.

Getting Started Workflows

Learn how to get a global account and get started with a trial or an enterprise account on SAP BTP. A trial account lets you try out
SAP BTP for free, and within an enterprise account, you can use so-called free tier service plans for free. See Trial Accounts and
Free Tier.

Depending on your use case, follow the appropriate workflow:

Getting a Global Account

Getting Started in the Cloud Foundry Environment

Getting Started in the ABAP Environment

This is custom documentation. For more information, please visit SAP Help Portal. 9
 6/11/25, 2:43 PM
Getting Started in the Kyma Environment

Additional Resources
The SAP Developer Center provides further resources to get you started:

SAP Discovery Center

SAP BTP in SAP Developer Center

Start Developing on SAP BTP Tutorials

Related Information
SAP BTP Administrator's Guide
SAP BTP Developer's Guide
Access the Cockpit

Development
Develop and run business applications on SAP Business Technology Platform (SAP BTP) using our cloud application programming
model, APIs, services, tools, and capabilities.

SAP BTP supports multiple environments. It features a number of tools and programming languages that increase your flexibility
and freedom when developing applications. You can choose the environment that best suits your use cases and skill set and get to
work. You also have the possibility to integrate applications you’ve built with other solutions by SAP.

Environment options

Cloud Foundry Kyma ABAP

Benefits Simplified developer Take full advantage of the ABAP programming language
experience for business advanced features and rich
Fast prototyping with ABAP
application development ecosystem of Kubernetes
RESTful Programming Model
Large choice of programming Free choice of programming (RAP)
languages languages and models
Integrated development
(containerized deployments)
Intuitive “code-to-container” lifecycle
packaging and deployment, Combines microservices and
Reuse existing on-prem ABAP
managed by the platform serverless functions
assets
Platform-managed application Built-in, managed service mesh
security patching and updates based on Istio, and other cloud-
native open-source modules to
Automatic application routing,
reduce the development effort
load balancing, health checks,
and multilevel self-healing Built-in, managed event mesh

Support for CAP – an Managed infrastructure: day-2

opinionated business app operations, security patches,
development framework and updates

Full administrator access

Refined horizontal and vertical

automatic scalability

This is custom documentation. For more information, please visit SAP Help Portal. 10
 6/11/25, 2:43 PM

Cloud Foundry Kyma ABAP

Dedicated application runtime

Zero downtime infrastructure

setup by default

Support for CAP – an

opinionated business app
development framework

Support for on-premise

connectivity

Additional Comparison: SAP BTP, Kyma Runtime Comparison: SAP BTP, Kyma Runtime Development in the ABAP
Information and SAP BTP, Cloud Foundry Runtime and SAP BTP, Cloud Foundry Runtime Environment

Shared
No infrastructure vendor lock-in
Benefits
Build scalable multitenancy business applications (SaaS)

Out-of-the-box consumption of SAP and hyperscaler services

Built on industry standards and open technology

Good For Managed build-on approach Open build-on approach User-centric process
extensions
Enterprise-grade business Enterprise-grade applications
applications and services Robust, transactional cloud
Cloud-native development of
applications
Cloud-native web applications apps and services
and services Migrating and adapting add-
Low latency infra-services
ons to the cloud
Scalable, microservice-based communication
applications Reusing existing on-premise
Reduced infrastructure
ABAP code
Small to medium extensions management effort
built with CAP/low-code Enabling ABAP developers to
Highly scalable, microservice-
tooling go to the cloud
based applications

Applications built with CAP

Skills Any major programming Kubernetes knowledge Ability to write modern ABAP
languages code
Docker
SAP Fiori/UI5 and SAP HANA Core data services
NodeJS or Python for
serverless functions SAP Fiori/UI5 and SAP HANA

Any major programming

language

SAP Fiori/UI5 and SAP HANA

We provide detailed information about developing, configuring, and deploying your applications depending on your preferred
environment and development approach.

Development in the Cloud Foundry Environment

Learn more about developing applications on the SAP BTP, Cloud Foundry environment.
Development in the ABAP Environment
Learn more about developing applications in the ABAP environment.

This is custom documentation. For more information, please visit SAP Help Portal. 11
 6/11/25, 2:43 PM
Development in the Kyma Environment
Learn more about developing applications in SAP BTP, Kyma runtime.

Related Information
SAP BTP Administrator's Guide
Developing with the SAP Cloud Application Programming Model
Consuming Services in SAP BTP

Extensions
The extension capabilities of SAP Business Technology Platform (SAP BTP) enables developers to implement loosely coupled
extension applications securely, thus implementing additional workflows or modules on top of the existing SAP cloud solution they
already have.

Unified Customer Landscape

The Unified Customer Landscape service provides capabilities for automated extensibility and integration of SAP and third-party
systems.

All standard SAP solutions are offered with customizing capabilities. Additionally, customers often have their own requirements for
innovative or industry-specific extensions and the extension capabilities of SAP BTP can help them build, deploy, and operate their
new functionality.

You can extend standard SAP solutions without disrupting their performance and core processes. When building extension
applications, you can also benefit from the automation of the integration between the cloud platform and the extended SAP
solutions.

You can also benefit from an automated integration between SAP systems or between SAP systems and a specific service in SAP
BTP.

Using the Unified Customer Landscape service, you can maintain your customer landscape. The frontend representation of this
service is the System Landscape page in the SAP BTP cockpit. The dedicated SAP S/4HANA Cloud Extensibility and SAP
SuccessFactors Extensibility services are also part of the Unified Customer Landscape capabilities. See Maintaining Unified
Customer Landscape.

To get a full list of terms related to the extensibility and integration concepts in the Unified Customer Landscape area, see
Extensibility and Integration Concepts.

Registering and Deregistering Systems

To connect a system with a global account in SAP BTP, you need to have the system listed in the System page.

Adding, Registering and Deregistering Systems

Integrating SAP Solutions

You can integrate several systems and services as part of the common business scenario. To do that, you create a formation in the
SAP BTP cockpit that includes all systems that the scenario requires. Every formation has a type related to its purpose. Using
formations is a standard way to enable the communication between systems.

See Integrating SAP Solutions.

This is custom documentation. For more information, please visit SAP Help Portal. 12
 6/11/25, 2:43 PM

Extending SAP Solutions

The extension capabilities of SAP BTP provide a standard way for extending SAP solutions and developing event-driven extensions
and applications. This framework includes:

Simplified, standardized and unified extensibility and configuration for the SAP solutions.

Central catalog per customer for all connected SAP systems where data such as APIs, events, credentials and other is
stored. You can benefit from business services and actionable events across end-to-end business processes.

You have the following options to extend your SAP solution using the SAP SuccessFactors Extensibility or SAP S/4HANA Cloud
Extensibility services:

Extensions with automated configurations in the Cloud Foundry runtime: applicable for SAP S/4HANA Cloud, SAP
Marketing Cloud, and SAP SuccessFactors.

Extensions with automated configurations in the Kyma runtime: applicable for SAP S/4HANA Cloud, SAP Marketing Cloud,
SAP SuccessFactors, SAP Cloud for Customer, SAP Commerce Cloud, and SAP Field Service Management.

If you have to group the systems of different SAP solutions in the same business case, you can set up the connectivity between all
these systems and a global account in SAP BTP in a single formation in the SAP BTP cockpit. See Automating Integrations Using
Formations.

See Extending SAP Solutions.

Troubleshooting
If you encounter a problem when extending an SAP S/4HANA Cloud or an SAP SuccessFactors system, go through the following
troubleshooting information first:

Troubleshooting for SAP S/4HANA Cloud Extensibility Service

Troubleshooting for SAP SuccessFactors Extensibility Service

Related Information
SAP BTP Developer's Guide: Extending Existing SAP Solutions Using SAP BTP

Administration and Operations

Administration and operation tasks for SAP BTP include management and configuration of global accounts and subaccounts as
well as the operation of applications.

This image is interactive. Hover over each area for a description. Click highlighted areas for more information.

Please note that image maps are not interactive in PDF outputs.

This is custom documentation. For more information, please visit SAP Help Portal. 13
 6/11/25, 2:43 PM

Administration of Global Accounts, Directories, and Subaccounts

Some of the typical responsibilities of SAP BTP administrators include maintenance of global accounts, management of
directories and subaccounts, and configuration of entitlements. To do this, you can use either the SAP BTP cockpit, the SAP BTP
command line interface, or APIs.

Account Administration in the Cockpit

Account Administration Using the SAP BTP Command Line Interface (btp CLI)

Account Administration Using APIs

Administration and Operations in Different Environments

Environments constitute the actual platform-as-a-service offering of SAP BTP that allows for the development and administration
of business applications. Each environment offers different approaches to manage administration and operations. For more
information, see Environments.

Administration and Operations in the Cloud Foundry Environment

In the Cloud Foundry environment, you can manage orgs, spaces, and space quota plans using the SAP BTP cockpit or the SAP
BTP command line interface.

Learn more about the different application operations that you can perform in the Cloud Foundry environment.

Org Administration Using the Cockpit

Org Administration Using the Cloud Foundry CLI

Application Operations in the Cloud Foundry Environment

Audit Logging in the Cloud Foundry Environment

Administration and Operations in the ABAP Environment

When using the ABAP environment, the account administration tasks are performed in the Cloud Foundry environment.

The application operations are specific to the ABAP environment. For more information, see SAP Fiori Apps in the ABAP
Environment.

Administration and Operations in the Kyma Environment

The administrators of the Kyma environment take care of setting it up and make sure it's ready for developers to work with.

Assign Roles in the Kyma Environment

Creating a Kyma Instance

Kyma Environment Backup

Related Information
Account Model

Security
This is custom documentation. For more information, please visit SAP Help Portal. 14
 6/11/25, 2:43 PM
Use the security features and functions of SAP BTP to support the security policies of your organization.

Security Recommendations

We provide a list with our recommendations for the configuration of our services. These recommendations help you to meet your
compliance goals and secure your business.

See SAP BTP Security Recommendations.

Our customer success organization uses these recommendations as a base to create a security baseline template.

For more information, go to https://support.sap.com/sos and choose Media Library SAP CoE Security Services - Security
Baseline Template .

User Model

SAP BTP distinguishes between platform users (account management, custom development, and operations) and business users
(for the applications).

See User and Member Management.

Authorizations

You can configure authorizations using roles and role collections for your global account, subaccount, directory, or individual
applications.

See Security Administration: Managing Authentication and Authorization.

Identity Providers

All users of SAP BTP are stored in identity providers, either in the default or in a custom identity provider. SAP BTP needs a copy of
the user, sometimes called a shadow user. You assign the shadow user authorizations to access resources in SAP BTP. When a user
authenticates, SAP BTP forwards the request to the identity provider.

For more information, see Trust and Federation with Identity Providers.

 Note
For the China (Shanghai) region, a different default identity provider is used.

For more information, see this blog article on SAP Community.

Default Identity Provider

We provide a default identity provider for both platform users and business users (in applications) at SAP BTP. The default identity
provider enables single sign-on to your SAP applications and services.

Use the default identity provider as a preconfigured user store in your starter scenarios or for testing. You can also use the default
identity provider as a backup identity provider if access to your custom identity provider fails.

See Default Identity Provider.

This is custom documentation. For more information, please visit SAP Help Portal. 15
 6/11/25, 2:43 PM

Identity Authentication Service

Identity Authentication service provides authentication and single sign-on in the cloud.

We recommend that you configure the Identity Authentication service as the identity provider and connect Identity Authentication
to your own corporate identity provider. Identity Authentication provides features that the default identity provider doesn't, such
as the ability to connect your corporate identity provider or to define security policies.

See Trust and Federation with Identity Providers.

For more information about Identity Authentication, see SAP Cloud Identity Services - Identity Authentication.

Transport Layer Security (TLS) Connectivity Support

SAP BTP uses encrypted communication channels based on HTTPS/TLS, supporting TLS version 1.2 or higher.

 Note
TLS versions 1.0 and 1.1 are no longer supported.

Make sure you use HTTP clients (such as web browsers) that support TLS version 1.2 or higher for connecting to SAP BTP.

 Note
You can optionally use TLS 1.3 in the Custom Domain Manager. This option allows the use of TLS 1.3 with applications running
on SAP BTP. It's not allowed to use TLS 1.3, for example for the SAP BTP cockpit or SAP Cloud Identity Services. These services
are still using TLS 1.2.

See What Is Custom Domain.

Audit Logging
Use the Audit Log Retrieval API to view the audit logs stored for your subaccount. Use the audit log viewer to display the audit logs
for your Cloud Foundry account, produced by SAP applications and services you’ve subscribed to. See Audit Logging in the Cloud
Foundry Environment.

Credential Store

SAP Credential Store provides a repository for passwords and keys for applications that are running on SAP BTP, Cloud Foundry
environment. It enables the applications to retrieve credentials and use them for authentication to external services, or to perform
cryptographic operations and TLS communication.

See SAP Credential Store.

Malware Scanning

Use the SAP Malware Scanning service to scan business documents for malware. Integrate this service with your custom-
developed apps running on the Cloud Foundry runtime. When your apps upload business documents, your apps can call the SAP
Malware Scanning service to check for viruses or other malware.

For more information, see SAP Malware Scanning Service.

This is custom documentation. For more information, please visit SAP Help Portal. 16
 6/11/25, 2:43 PM

Related Information
SAP Authorization and Trust Management Service
Audit Logging in the Cloud Foundry Environment
Principal Propagation
Data Protection and Privacy
Security in the Kyma Environment

This is custom documentation. For more information, please visit SAP Help Portal. 17