Contact Us

cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Community Manager
Community Manager

How does SAP Live Link 365 manage security?

 
Manpreet Kaur
Head of Social Engagement
0 Kudos
SAP Digital Interconnect Employee

Re: How does SAP Live Link 365 manage security?

SAP Live Link 365 is ISO 27001 Security Certified 9: https://en.wikipedia.org/wiki/ISO/IEC_27001).

Additionally, it has SOC 2 type I: https://www.incapsula.com/web-application-security/soc-2-compliance.html.

 

User credentials to access SAP Live Link 365’s portal are managed by SAP’s Cloud Identity service.  The Cloud Identity service provides a secure method for credential self-management and password resets.

SAP Live Link 365’s APIs use OAuth2 over HTTPS.  The OAuth2 credentials are self-managed in the Live Link portal.  Developers maintain their own key and secret, which is never stored or transmitted in plain text.    

OAuth2 is an authorization framework allowing third-party applications to grant limited access to an HTTP service, either on behalf of a resource owner or by allowing the third-party application to obtain access on its own behalf. Access is requested by a client, it can be a website or a mobile application for example.  OAuth2 uses short-lived tokens for API authentication, reducing the risk of credentials being compromised and limiting the impact of a compromise.

 

For more information about the OAuth2 standard, see the OAuth working group’s website.

 

Michael Smith,
Product Manager SAP Live Link 365