Login/Logout into an App

How can Users log in or out?

For Login / Logout into an App Simplifier provides the Server Action within the Process Designer.

The Action provides the following options:

Login: perform a user login inside an application
Logout: perform a user logout inside an application

Login Wizard

The easiest way to create a login functionality is using our Login App Wizard.

Login

After mapping the according parameters you can decide which port you’d like to connect.

Port	Description
success	The process will be executed after a successful login or logout.
error	The process will be executed after a failed login or logout.
already logged in	The process will be executed if the user is already logged in.

Login via Username and Password

The Server Action needs two parameters as input if you want the user of the application to fill in his username and password.

You can map the widgets in which the user fills in the information with the equivalent input parameter. (By double-clicking on the widget, you can choose the exact property that you need).

server_action_login_shape_username_pwd_80

Login via SAP Logon Ticket

If SAP is set as an Identity Provider and Users should use their SAP Username and SAP Password to login into Simplifier Apps, this is the right selection.

This scenario is mostly used when Simplfier Application uses only SAP Connectors for gathering or writing data and the Appbuilder wants to assure a Single-Sign-On within SAP.

As an alternative for this login, Simplifier offers also Identity Propagation to SAP (Read more). This allows the User to use for e.g. Entra ID via OAuth or SAML but also logged in to SAP in the backend with a different account.

For configuring this shape, provide the following data

User Name (the SAP Username of the User)
Password (the SAP Password of the User)
Authentication (Name of the configured Authentication Provider)

Prerequisites:

A valid SAP System has to be configured in the Server Settings Authentication Providers via SOAP or SAP RFC.

server_action_login_shape_sap_logon_ticket_80

Login via OAuth 2.0

Using an external Identity Provider via OAuth 2.0 is a common login scenario for organizations using central-managed Identities.

To configure this action, the following input parameters should be set:

Service – Name of the configured oAuth Provider Settings within Simplifier see Message Box
UserSync: If Sync is set to true, the User will be created within Simplifier User Management if not existing – Default is true.

When should I set the UserSync Parameter to false?

In certain scenarios, the App offers two different oAuth 2.0 Providers but the User has the same email address on both accounts. If UserSync is active, the User will log in using the first Provider then the User will created. If the user logs in again with the second Identity Provider the User exists and is assigned to the first Identity Provider, so the Sync will fail and therefore also the login. In this scenario, you can set the UserSync Parameter to false for the second Identity Provider, so the login will be successful but the user will be not synced back to Simplifier.

What is this UsePrinciplePropagation ?

UsePrinciplePropagation – If this is set to true, the SAP BTP Principal Propagation will be used which means the App except a former Token initiated by Login into SAP BTP and uses this Token to offer the User a seamless single-sign-on experience

Prerequisites:

A valid Identity Provider via OAuth 2.0 Procotol has to be configured in the Server Settings Authentication Providers e.g. Entra ID.

server_action_login_shape_oauth_20_ticket_80

Login via SAML 2.0

Using an external Identity Provider via SAML 2.0 is a common login scenario for organizations using central-managed Identities.

To configure this action, the following input parameters should be set:

Service – Name of the configured oAuth Provider Settings within Simplifier see Message Box
UserSync: If Sync is set to true, the User will be created within Simplifier User Management if not existing – Default is true.

When should I set the UserSync Parameter to false?

In certain scenarios, the App offers two different oAuth 2.0 Providers but the User has the same email address on both accounts. If UserSync is active, the User will log in using the first Provider then the User will created. If the user logs in again with the second Identity Provider the User exists and is assigned to the first Identity Provider, so the Sync will fail and therefore also the login. In this scenario, you can set the UserSync Parameter to false for the second Identity Provider, so the login will be successful but the user will be not synced back to Simplifier.

Prerequisites:

A valid Identity Provider via SAML 2.0 Procotol has to be configured in the Server Settings Authentication Providers e.g. Entra ID or Google

server_action_login_shape_saml_20_ticket_80

Notification Settings

After Login the user session could be expire due Simplifier Session Policy. If this happens, use can be actively informed within the App

Setting	Description
Notify user before logout	If this setting is enabled, the User will be notified before his Session expires for e.g. to save the actual working state within his app.
Time before expiry in minutes	This setting define the range in minutes for showing a notification before the User Session terminated

server_action_login_shape_notif_settings_80

Logout

For the Server Action Logout you don’t have to configure anything additionally. If this action is executed, the current User Session will be terminated.