Authentication for administrators is always performed by SAP Mobile Platform Server. Management Cockpit automatically delegates administrator authentication to the providers that are configured for the Admin security profile.
Initially, the Admin security profile has just one authentication provider, System Login (Admin Only), populated with a user name and password that was prompted during installation. This user is meant to be temporary to enable initial use of the Management Cockpit. To make the Admin security profile production-ready, you must initially log in using the administrator credentials defined with the installer, and replace the System Login (Admin Only) module with production-ready providers.
The System Login (Admin Only) provider does not enforce password strength or change policies that are typically in place for a production environment. Therefore, substitute the System Login (Admin Only) module with a authentication provider that is suitable for a production environment. Subsequent logins are then performed with user credentials assigned to the Administrator role.
The Admin security profile authenticates and authorizes administrative users. In your production system, remove this user as soon as the Admin security profile is configured to use your identity management system.
SAP recommends that you restrict the use of the Admin security profile to administration authentication only.