Intro

The SAP Fiori onboarding pattern provides a consistent, native-first user experience, allowing users to set up their account and get the app running. It features a sequence of optional, configurable flows that support custom pages, along with individual page patterns available within the SDK. The flows and subflows can vary depending on the configuration of the app by the admin or the IT department in terms of data sensitivity, security level, and number of users.

Custom welcome page on compact screen (left) and expanded screen (right)

Usage

Use the single-user onboarding flow to:

Streamline the user activation and onboarding process.
Simplify the security framework of your company.

Don't

Don’t use the single-user onboarding flow if there are several users sharing one device; use multi-user onboarding instead.

Variations

First-Time User Onboarding Flow

The onboarding flow for first-time users checks different elements of your security, IT, or legal requirements and displays required flows to users.
It includes subflows and individual sample pages, however, you can add custom pages to meet your security requirements.

First-time onboarding flow from left to right: EULA (optional), activation, authentication, passcode creation, user consent

Splash Screen (Optional)

The splash screen is the first branded screen users encounter after the system-controlled launch screen, which appears briefly during startup and is not part of the onboarding process. As the app’s first interactive surface, the splash screen serves as the entry point into the onboarding experience.

In SAP applications, it is generally kept minimal, typically showing only a centered logo to create a smooth transition from the launch screen while avoiding unnecessary delays

Light splash screen (left) and dark splash screen (right)

Launch Screen (Optional)

The launch screen serves to set the overall tone of the app while also presenting major information and features to the user. It provides key actions for users to start interacting with the app, including agreeing to legal terms, trying out demo mode, and continuing to the application setup.

Launch screen

End User License Agreement (Optional)

Depending on legal requirements, an end user license agreement (EULA) can be added to the onboarding process.

The default EULA screen is included in the onboarding flow, with variations available as individual page types.

EULA screen

Activation (Optional)

The activation subflow is designed to identify your company’s domain and connect the mobile app to the correct system landscape. This process can differ based on security requirements and the type of devices users utilize for onboarding, such as corporate or personal phones. For example, if a user is on a corporate device managed by mobile device management (MDM), the flow automatically detects the enrolled device and bypasses several steps of the onboarding process.

The activation screen is a sample screen included in the flow that can be customized or replaced with a custom page tailored to your security requirements based on the device type the application is launched from.

Default activation methods (optional)

Discovery Service Activation Method

The Discovery Service connects users to the right system landscape when first using the app by automatically determining the tenant based on the information provided by the user, such as an email domain or onboarding code.

This step is part of the onboarding flow but only appears if your environment requires this activation method.

Discovery Service activation method

QR Code Scan Activation Method

QR code scanning is an activation method used to advance users to the next onboarding flow step by scanning an existing QR code. We recommend providing instructions on where to locate the QR code, using a custom page with an image and the breadcrumbs of the file location.

Custom page example for QR code activation

Authentication

Authentication is the only mandatory step in the onboarding flow, facilitated through your identification management technology (identity provider). Based on your security requirements and the device used to start the onboarding, this subflow might be launched within the app or in an external browser.

Basic Authentication

Basic authentication is a login method included in the onboarding flow that enables users to log in using an email address and password.

Basic authentication screen (default state)

App Passcode Creation (Optional)

If your app’s security protocol requires users to create an app passcode to lock access to the app, you can include the “Create Passcode” subflow as part of the first-time onboarding process. This step ensures that users define a passcode that complies with the security standards set by the administrator or IT department.

If a passcode is not required, a “Skip Passcode” variant of the “Create Passcode” screen is available. This allows users to bypass local passcode creation when adequate protection is already ensured through device-level or MDM-enforced security.

Passcode creation screen (left) and variant with skip button (right)

Biometric Authentication (Optional)

Biometric authentication methods such as fingerprint scanning and facial recognition are available based on users’ device capabilities. These features are integrated from the Android system, ensuring the authentication dialog adheres to system standards.

Biometric authentication screen

User consent can vary depending on the use case. It can contain end user agreements or other consent forms, such as crash reports.

User consent form

Returning User Onboarding Flow

The onboarding flow identifies returning users and launches relevant flows by verifying security measures.

Passcode Change (Optional)

The “Change Passcode” flow is part of the returning user experience and allows users to update or remove their existing app passcode after onboarding. It includes screens for verifying the current passcode and setting or confirming a new one in accordance with the security policies defined by the administrator or IT department.

By default, this flow is automatically triggered by the Onboarding Flow SDK whenever there is a change in the app’s security policy. This includes any adjustments such as enabling “Skip Passcode”, modifying passcode complexity, or updating the required number of characters. In these cases, existing users will be guided through the flow the next time they open the app. Applications should provide additional context to help users understand why they are being asked to update their passcode again.

In addition to being automatically triggered, the “Change Passcode” flow can also be invoked manually. Developers can launch it through provided APIs and surface it within a custom “Settings” or “Security” screen, allowing users to change or remove their passcode at any time. Embedding passcode management in settings also provides a more natural placement for security-related tasks and allows teams to include messaging tailored to their specific policies or compliance needs.

“Change Passcode” screen with passcode required and “Change Passcode” screen with passcode optional

Custom Flow

With Write Your Own Flow, you can create a custom flow using individual page types included in SAP BTP SDK for Android or other SAP Fiori for Android components.

Adaptive Design

Onboarding is supported on compact, medium, and expanded screens. On compact screens, the onboarding flow is displayed in portrait mode. On medium and expanded screens, the onboarding flow is supported in landscape and portrait mode.