SAP helps protect your sensitive company information and ensures compliance to the pertinent data protection regulations that may apply to all our customers and partners (e.g. GDPR). However, it is your responsibility to ensure only the right people have permission to transact on behalf of your company, and only with the authorizations required to complete their tasks.
A valid email address is mandatory for SAP Universal ID and all S-user IDs.
SAP is assisting customers and partners in their responsibility for users administration by introducing compliance checks on email addresses.
SAP will neither disable, deactivate nor delete any of these highlighted users.
SAP will only highlight users with non-compliant email addresses in the User Management application.
Technical Communication Users are explicitly excluded from these rules.
Super and Cloud Administrators are required to maintain an official list of their company's email domains, ensuring that S-users match their corporate email address.
A minimum of one domain is required. For your own security, please do not add domains that are not associated with your company.
The information will be used to validate S-users' email addresses - those that do not comply will be highlighted in the User List, User Profile and Contact Detail Page of the User Management application.
In future, if a new S-user ID is requested or an existing S-user changes their email address, only those that successfully match corporate domains will be allowed, while others will be rejected. Super and Cloud Administrators may choose to override if necessary. Nevertheless, Super and Cloud Administrators will still be allowed to use public or free email sites after entering an acceptable reason in the note field either in the user creation form or in the users contact detail page.
One example of improved compliance is that SAP ONE Support Launchpad notifications will then only be sent to corporate email domains.
For more information, see SAP Knowledge Base Article 3025172 - How to add or remove email domains for my customer number - SAP ONE Support Launchpad
To enhance security and improve data quality, we have introduced governance for email addresses used by all new SAP Universal IDs and S-users.
SAP Universal IDs are owned by a person with a unique email address (1 person = 1 user). Therefore, we are now blocking email addresses commonly shared by groups.
For example, email@example.com is not a personal, unique email address and cannot be used to create an SAP Universal ID. This restriction has also been added to the User Management application in the SAP ONE Support Launchpad.
For more information, see SAP Knowledge Base Article 3025162 - ERROR: Our policy does not allow the use of this email address as it is used as a shared email address. Please use a unique email address - SAP ONE Support Launchpad
We have introduced a duplicate check for every newly created S-user, within the same customer number, based on a unique and individual email address.
S-user account creation with duplicate email addresses is no longer supported for data quality, security, and compliance reasons. Additionally, cleansing of email duplicates has already led to significantly faster S-user creation.
For more information, see SAP Knowledge Base Article 3032024 - Error: This email address already exists for your selected customer. Our policy does not allow the use of an existing email address for the same customer - SAP ONE Support Launchpad