Use case #
BI client tools such as Power BI, Power Pivot, Alteryx, etc. can start extractions in Xtract products, e.g., Xtract Universal or Board Connector). Xtract products load the extracted data directly into the tools. In this use case, it is often required that the extraction is executed with the SAP credentials of the (Windows AD) user, whose BI client triggered the extraction. This means that the SAP authorizations of the executing user apply, which is especially important when extracting BW/BEx queries.
The Windows credentials of the user must be forwarded to SAP using the Xtract product. On the way to SAP or on the SAP side, the Windows user and its SAP credentials are mapped.
Single Sign-On (SSO) with an Xtract product can be realized via different procedures:
- Secure Network Communication (SNC) with Client Certificates
- Secure Network Communication (SNC) with PSE and External ID
- Secure Network Communication (SNC) with SAP’s Kerberos Wrapper Library (deprecated)
- SAP Logon Ticket
The authentication method can be selected in the SAP connection settings, see SAP Connection - Authentication.
What is SNC? #
Secure Network Connection (SNC) enables authentication and transport encryption between SAP systems and between SAP systems and third-party tools like Xtract Universal and Board Connector. For more information on SNC, see SAP Help: SNC.