Web Single Sign-on for B2B Customers of SFS Group

User administration made easy with nevisIDM

The SFS group’s companies run a number of Web shops and Internet solutions for their globally operating customers. By introducing a Nevis-based identity and access management infrastructure, the heterogeneous application landscape was integrated into a central single sign-on solution at the beginning of 2013. Today, customers don’t need a separate account for each application anymore but are able to access them by one single account.

The SFS group’s companies (SFS intec, SFS unimarket, SFS Locher and SFS services) are international manufacturers and national retailers of industrial products. The products are sold, among other channels, via a number of independent Web shops and the customers are also offered access to B2B information and collaboration platforms. Up to now the customers needed a separate account for each application. By introducing a Nevis-based identity and access management infrastructure, the applications were integrated into a central single sign-on solution. Thus the customers only need one single account to access the Web solutions of SFS today.


Authentication is performed by the access management components of the Nevis security and compliance suite. User data and login credentials are stored in a central directory based on nevisIDM. The flexible authorization concept allows the introduction of delegated administration. Thus the responsible departments within SFS are able to manage their own accounts. The login process for the users has been considerably simplified: They can use their personal e-mail address as login name and use a self-service functionality for password resets (change password and „forgot password“).

By introducing roles and a real-time provisioning solution, the processes for the granting of access rights could be considerably simplified and automated. The customers‘ contact persons in SAP are automatically transferred to nevisIDM. The users generated by this process are available to the customers right after they have been allocated the role. New users are created automatically and a generated e-mail informs them about their access data and how to proceed at initial login.

In turn, customers can register new users in the context of delegated administration in nevisIDM which transfers the master data to SAP. No matter whether a user is created in SAP or nevisIDM, the provisioning to the target systems is done automatically. The user accounts are created and activated in the corresponding shop systems and portal solutions. As a result, the administrative effort to create and decommission users and authorizations is significantly reduced. In addition, the business partner benefits from a much shortened provisioning time for new user accounts.


  • Central user administration and single sign-on for extranet and eShop users
  • SSO integration of different shop systems and Web applications
  • Security and comfort thanks to personal user accounts. Each user has left one single account for extranet access.
  • Personal e-mail address can be used for login process
  • Self-service functionality for password reset
  • Automatic synchronization of master data from business applications
  • Consistent and much simplified processes for granting of access rights
  • Possibility of delegated administration for departments and customers


  • Nevis: nevisProxy, nevisAuth, nevisIDM, nevisDataPorter
  • SAP-based business applications and Web shops