Configure Authentication and Authorization on SAP BTP
- How to test authorizations on the applications deployed to SAP BTP, Cloud Foundry
René JeglinskyDecember 8, 2023
Before you deploy your authentication-enabled application you have to create an instance of service Authorization and Trust Management Service (XSUAA) and configure it, bind it to your application and provide it with the security descriptor that contains roles and scopes of your application. For more details, see section Protecting Your Application in the SAP BTP documentation.
- Step 1
Open your application in the browser. Using the links on the welcome page you can check that you can’t access the
Ordersentity or everything under theAdminService. You should see a401error in case you click on these.To use the
AdminService, you need to assign yourself to the role collectionBookStore_Administratorsthat was defined in thexs-security.jsonfile. To assign this role collection to your user you need to navigate to the Security → Role Collections section of your SAP BTP subaccount.- Select the
BookStore_Administratorsrole collection and choose Edit. Enter your email address in the ID and E-Mail field and choose Save.
- Select the