Contact Us

cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
SAP Digital Interconnect Employee

How does SAP Live Link 365 manage security?

SAP Live Link 365 is ISO 27001 Security Certified 9: https://en.wikipedia.org/wiki/ISO/IEC_27001).

 

Additionally, it has SOC 2 type I: https://www.incapsula.com/web-application-security/soc-2-compliance.html.

 

User credentials to access SAP Live Link 365’s portal are managed by SAP’s Cloud Identity service.  The Cloud Identity service provides a secure method for credential self-management and password resets.

SAP Live Link 365’s APIs use OAuth2 over HTTPS.  The OAuth2 credentials are self-managed in the Live Link portal.  Developers maintain their own key and secret, which is never stored or transmitted in plain text.    

 

OAuth2 is an authorization framework allowing third-party applications to grant limited access to an HTTP service, either on behalf of a resource owner or by allowing the third-party application to obtain access on its own behalf. Access is requested by a client, it can be a website or a mobile application for example.  OAuth2 uses short-lived tokens for API authentication, reducing the risk of credentials being compromised and limiting the impact of a compromise.

 

For more information about the OAuth2 standard, see the OAuth working group’s website.

 

Michael Smith,
Product Manager SAP Live Link 365
Labels (3)