Enterprise Resource Planning Blogs by SAP
Get insights and updates about cloud ERP and RISE with SAP, SAP S/4HANA and SAP S/4HANA Cloud, and more enterprise management capabilities with SAP blog posts.
Showing results for 
Search instead for 
Did you mean: 
A way to prevent direct login and cross site calling handling and restrictions is to use a proxy.

A proxy is usually an alias that is local to the server the app was started on. The SAP Cloud Platform (SCP) calls it ‘destination’.

How does a destination work?

An SCP destination is an alias of a URL. This could be a

A request to the destination results in a request to the maintained URL.

A request to a path below that destination, results in a request of that path relative to the URL.

Hence an access to /pathC/myFile.ext below the destination, would result in a request to


How to maintain a destination?

A destination can be maintained under Connectivity / Destinations.

Create the destination:

  • Provide an name, like bydsystem, you want to use later to consume the destination.

  • Provide the URL the destination should represent

  • Decide how the login has to be handled. SCP offers multiple alternatives including username/password.

Save the destination. After a few seconds a Button Check Connection appears. You can use this to check, if the connection to the system is working. You are not authenticated in this moment, hence you credentials are not used. It is a technical check ('ping') to the system.

How to use a destination?

To consume the destination a route of type destination has to be configured.

A route is just a path on the server. Basically you tell the environment, what shall happen if you call that specific URL. A route can be fixed, like


or parameterized like


It usually triggers some specific page or function in the app. A destination route defines which destination, and therefore which target address is meant. Destination alias and route do not need to share anything in naming.

To configure the route, edit or create file neo-app.json in your app folder and add a routes array:
"welcomeFile": "index.html",
"routes": [
"path": "/destinations/my-system",
"target": {
"type": "destination",
"name": "bydsystem"

In the example a route /destinations/my-system has been created, that uses the destination with alias bydsystem. Your path could be different (anything in fact).

If your destination bydsystem is directed to https://my123456.sapbydesign.com then a request to


would trigger the use of destination bydsystem and result in an (authenticated as configured) request to