Hello Reem,
There are two products from SAP that offer two-factor authentication for SAP and non-SAP applications like SuccessFactors that are SAML Service Providers.
The first product is the SAP Single Sign-On (supports TOTP, RSA, SMS, e-mail) and the second one is our SaaS solution SAP Cloud Identity (supports TOTP).
When you decide to use the SAP Single Sign-On product capabilities you have to implement the on premise SAML IDP, to configure the SAML trust between our SAML IDP and the SuccessFactors SAML SP. The on premise SAML IDP needs to be configured to use the TOTPLoginModule, here is one guide that describes how to use the TOTPLoginModule for two-factor authentication: Simple Configuration Example for Implementing Two-Factor Authentication (2FA)
You can use as two-factor authentication not only TOTP passcodes but you can configure also RSA codes or even to send the code as an SMS to users who's mobile devices are not smart phones. This solution could be combined with risk-based authentication capabilities and you can decide when to ask the user for the 2FA passcode (for example when the user is coming from an external IP adress)
The same solution is available also with SAP Cloud Identity(SCI). Once you subscribe for the service and configure the trust between the SCI (SAML IDP) and the SuccessFactors (SAML SP), you can simply enable two-factor authentication for all authentications or for certain users and IP ranges. See some details here:SAP Cloud Identity Service
I hope this is helpful.
Regards,
Donka Dimitrova