SAP Identity Management to Microsoft Entra ID Migration Guidance Now Available

We’re excited to announce that guidance for SAP Identity Management (IDM) customers planning to migrate their identity management scenarios to Microsoft Entra is now available. In a previous post, we discussed SAP ending maintenance for their identity management solution (SAP IDM) by 2030. We've since begun jointly developing documentation to help customers plan a seamless migration to the recommended alternative—Microsoft Entra ID. For many customers, it may be possible to get started immediately, leveraging the subscriptions that they already own with Microsoft 365 suites. Microsoft 365 enterprise suite licenses include Entra ID P1 features that will be the focus of this first round of guidance. In this post, we’ll also outline additional benefits of Microsoft Entra ID and list some key partners who can help you get started. 

 

Continuing collaboration for enterprise security 

 

Microsoft and SAP have a long history of collaborating to keep our customers’ organizations productive and secure—an effort especially important now as more companies have adopted hybrid work arrangements, making it possible to work from office and from home. For example, last year we announced how Microsoft Sentinel is helping organizations bring SOAR threat monitoring capabilities to their SAP environments. We continue to deepen our relationship, and now we’re extending support for SAP customers’ digital transformation and cloud adoption goals with a seamless and secure identity management solution in Microsoft Entra ID. 

 

Today, we’re introducing the first set of guidance to migrate from SAP IDM to Entra ID. SAP customers who are using SAP IDM for cloud and on-premises applications like SuccessFactors, SAP Cloud Identity Services, or Windows Server Active Directory can begin to use Microsoft Entra features such as Conditional Access to enforce Zero Trust access policies, and automatic provisioning that ensures users have the accounts they need for their job role. For SAP IDM customers who want more guidance on advanced IAM integrations, such as with Micosoft Entra ID Governance or external IDs, for example, we’re developing additional in-depth guidance on each of those areas that will be published later this year.  

 

Modernizing your security strategy and moving toward a Zero Trust framework is not an overnight process, so we recommend customers start their journey to adopt cloud services and gain productivity and security benefits. Therefore, we’ve included guidance for migration of the most common scenarios, including: 

 

• Authentication and single sign-on 
• Integrating with SAP HR systems of record 
• Provisioning for SAP
• Provisioning for non-SAP systems 

 

Microsoft and SAP will continue to enhance Microsoft Entra ID and deliver deeper integrations with SAP Cloud Identity Services and SAP Cloud Identity Access Governance.  As new scenarios become available, we’ll provide ongoing updates to this guidance, incorporating customer and partner feedback. 

 

Modern identity management is a strategic investment

 

Progressive organizations are switching to cloud-based identity solutions. Older systems, designed for on-site environments, fail to satisfy the demands of the modern cloud-first, mobile, decentralized workforce. Additionally, they can be expensive, complicated, and susceptible to security risks.  

 

We know that multifactor authentication (MFA) and single sign-on methods can reduce password breaches by 99.9%, but the benefits of a cloud-based solution in Microsoft Entra ID extend beyond just a stronger security posture. Optimized operational efficiency allows identity teams to do more impactful work and an improved user experience makes the entire organization less frustrated. By moving to Microsoft Entra ID, the benefits of your strategic investment continue: 

 

• Support for SAP and non-SAP apps and systems—both on-premises and cloud 
• Rich set of APIs, SDKs, and connectors for customization 
• Minimized vendor footprint 
• Reduced costs and complexity 
• Help meeting identity-related requirements for GDPR, HIPAA, and ISO 27001   
   

Modernizing identity management is key to boosting organizational security and shielding users and assets from the most common security threats. It’s more than just a cybersecurity measure; it also enhances user experience and operational efficiency. Generative AI, Zero Trust security, decentralized identity, and the flexibility to tailor access policies to exactly match your unique needs and demands offer compelling opportunities to better protect your apps and resources. 

 

Partner network ready to help

 
We’ve also been working with a set of key partners to help organizations begin their migrations, including some with long-term experience in Microsoft/SAP environments.

 

Here are organizations with whom we’ve shared the guidance and can help get you started:

 

Microsoft partner

Accenture

Avanade

Campana & Schott

DXC

KPMG

Patecco

Protiviti

PwC

ObjektKultur

IB Solution

SITS

Traxion

Edgile, a Wipro company

 

Click here to read more about these and more partners who can help you get started. 

  

Irina Nechaeva

General Manager, Identity and Network Access  

  

 

Read more on this topic

• Preparing for SAP Identity Management’s End-of-Maintenance in 2027.​
• Microsoft and SAP work together to transform identity for SAP customers - Microsoft Community Hub 

 

Learn more about Microsoft Entra  

Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds. 

• ⁠Microsoft Entra News and Insights | Microsoft Security Blog  
• ⁠⁠Microsoft Entra blog | Tech Community  
• ⁠Microsoft Entra documentation | Microsoft Learn 
• Microsoft Entra discussions | Microsoft Community