For the best web experience, please use IE11+, Chrome, Firefox, or Safari
Free Trials
Home / SAP IDM is retiring in 2027: The market is moving to SAP-certified replacements

SAP IDM is retiring in 2027: The market is moving to SAP-certified replacements

Every organization running SAP IDM must migrate — the ones who start now can move on their own timeline, without disruption.

  • Unmatched breadth of native SAP integration — purpose-built connectors across the full SAP ecosystem mean faster deployment, fewer custom workarounds, and a lower total cost of ownership than point solutions that bolt on SAP support as an afterthought.
  • Granular Segregation of Duties (SoD) designed for SAP's complexity — go beyond role-based access with SoD controls that understand SAP's unique authorization model, helping your organization stay audit-ready and reduce compliance risk without slowing down the business.
  • Deep integration capabilities, including Behavioral-Driven Governance (BDG) for SAP — leverage BDG to move beyond static role assignments, using real user behavior patterns to inform access decisions and catch risk that traditional identity governance tools simply miss.
  • Unified governance across SAP, Active Directory and Entra ID — manage SAP accounts, all Active Directory domains and Entra ID tenants from a single console, enforcing least privilege and zero standing privileges across your entire hybrid identity landscape.
Try Online Request Pricing

For a limited time, we’re offering a special promotion for organizations migrating from SAP IDM – covering discovery, licensing and migration to ensure you are set up for success. Learn More

Our product set of cloud and on-prem solutions enhance SAP compliance and governance with a cross-platform view that merges the SAP controls with the rest of your enterprise. With this visibility of your SAP and non-SAP resources, you can simplify user provisioning and de-provisioning, and permissions management by consolidating management to one solution.

Our certified Identity Manager by One Identity SAP Connector supports:

  • SAP S/4HANA Cloud, Private Edition
  • SAP Business Suite (ECC, R/3)
  • SAP Human Capital Management (SAP HCM)
  • SAP Business Intelligence (SAP BI)
  • SAP GRC Access Control (via web services calls)
  • SAP Identity Access Governance / SAP IAG (via REST API calls)
  • SAP Cloud Applications (e.g. SAP Concur)
  • SAP Cloud Identity Services
  • Aggregated SAP Usage Statistics

The SAP Connector integrates Identity Manager controls and workflows with all on-premises SAP R/3 or S/4HANA systems, including ERP, human capital management and business intelligence solutions. Connectivity with all other SAP applications is included in the One Identity Manager standard licensing.

Additional connections:

  • For cloud applications, Starling Connect is required
  • For unifying UNIX/Linux to Active Directory, One Identity Safeguard Authentication Services is required

High level benefits

  • Use one console to manage SAP accounts and privileged access across your enterprise
  • Bring all IT resources under governance by correlating SAP accounts to corporate identities
  • Verify and enforce SAP-optimized segregation of duties and access reviews
  • Deliver self-service request for all SAP access with specialized workflows and business logic
  • Accelerate deployments, reduce complexity and facilitate SAP Single Sign-on with OOTB automated processes
SAP-Certified since 2003

SAP-Certified since 2003

With SAP IDM reaching end of maintenance in 2027, you need an experienced SAP-certified partner to ensure a seamless transition while strengthening governance, security and compliance across your SAP environment. One Identity has held SAP certification since 2003 – for user lifecycle management (provisioning, reprovisioning, and deprovisioning), governance (attestation and audit), and native connector integration with S/4HANA, SAP Business Suite, SAP Cloud Identity Services and more.
View Products
Deep SAP Integration

Unmatched Native SAP Integration

One Identity offers the deepest SAP integration in the market. Purpose-built connectors across SAP S/4HANA, SAP SuccessFactors, SAP Cloud Identity Services, and SAP Business Suite deliver faster deployment, fewer custom workarounds and lower total cost of ownership than point solutions that treat SAP as an afterthought. It’s native integration depth that only 20+ years of SAP certification can deliver.
View Products
Granular SoD and Behavior-Driven Governance for SAP

Granular SoD and Behavior-Driven Governance for SAP

Go beyond static role certifications with SoD controls built for S/4HANA's layered authorization model – including Fiori apps, OData services, and CDS views – so your organization stays continuously audit-ready for SOX. Behavior-Driven Governance (BDG) uses real user behavior analytics to continuously surface excessive privileges and catch SoD violations before they become audit findings, delivering access governance that traditional IGA tools miss entirely.
View Products
Active Directory / Entra ID Management

Active Directory / Entra ID Management

Microsoft Entra ID plays a key role in a modern identity infrastructure, but it isn’t designed to centrally govern SAP authorizations or manage on-premises Active Directory lifecycle at scale. Active Roles provides that missing control layer, unifying Active Directory domains, Microsoft Entra ID tenants and SAP accounts in a single console with automated joiner/mover/leaver lifecycle management and policy-based least privilege enforced across your hybrid environment.
View Products

Featured Products

All
SAP-Certified
Deep SAP Integration
From Administration to Governance
Access Management
Better Tools

Active Roles

Consolidate, streamline and strengthen your Microsoft environment to protect your business

Download Free Trial

Identity Manager

Govern and secure user access to data and enterprise apps to reduce risk and satisfy compliance

Learn More

Identity Manager On Demand Starling Edition

Identity Manager On Demand Starling Edition

Learn More

Safeguard Authentication Services

Leverage AD bridging to unify policy-based management across Unix, Linux, and Mac systems

Learn More
 

Resources

View All
On Demand Webcast

Integrating SAP Into an Identity Fabric

Watch this webinar to: Understand the challenges and implications of transitioning from SAP IDM to newer SAP solutions. Find...
White Paper

SAP GRC Framework Integration with One Identity Manager

SAP Cloud Identity Access Governance (SAP IAG) and SAP Access Control (SAP AC) are two powerful solutions from SAP to address c...
On Demand Webcast

Webinar: Integrate SAP accounts with your IAM systems to get a unified view of your entire enter...

Implementing Identity and Access Management (IAM) across multiple IT infrastructures and software platforms is a major challeng...
White Paper

Successful integration with SAP solutions

On our mutual customers’ journey of cloud transformation, One Identity, as a partner of SAP, supports with their holistic ident...
White Paper

KuppingerCole- One Identity Manager SAP Integration

Integrating SAP systems is a common requirement in IAM (Identity and Access Management) projects. With SAP being a leader in va...
E-book

See how six organizations simplify IGA for SAP

See how six organizations simplify IAM for SAP
Case Study

B. Braun automates IAM for greater security and compliance

B Braun improved security by automating account provisioning, while also ensuring company data is protected in its hybrid envir...