cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

CAP application gives 401 unauthorized error after deployment to cloud foundry

David21
Explorer

on ‎2024 Sep 05 3:36 PM

0 Kudos
2,871

Hello everyone,

I have created a Node.js CAP application(List report & Object page) using managed approuter and deployed it to cloud foundry. I have not added any kind of authentication in it, Package.json doesn't have an auth stanza in the requires section and this is what my xs-security file looks like :

auth.png

When I go into my dev space and start the 'app-srv', it takes me to the index page where all the services are. But when i click on any service it gives 401 unauthorized . The interesting thing is when i access the app from the HTML5 Applications tab i can view the List report page and it shows me all the data.

I am also having the same issue with an app that i created with standalone approuter, As those applications dont appear in the HTML5 repository the only way to access them is through the link in your dev space. And that gives the authorization error.

Any ideas why this is happening ?

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (5)

Answers (5)

David21
Explorer
‎2024 Sep 09 11:57 AM
0 Kudos

After adding mock authentication, I can access the services through the route provided in 'app-srv' application deployed in the CF. But when i try to access the UI (Listreport pages) through the approuter module deployed in CF it's still giving the authorization error:

sap.png

@MioYasutake 

Show replies
Show replies
MioYasutake
SAP Champion
SAP Champion
‎2024 Sep 08 8:38 PM
0 Kudos

@David21 
When a CAP application is deployed to Cloud Foundry, it requires authentication by default. If you want to skip authentication, include the following configuration in package.json. Please note that this is for testing purpose only and not recommended for production.

 

 

  "cds": {
    "requires": {
      "auth": "mocked",
...

 

 

Show replies
Show replies
David21
Explorer
‎2024 Sep 07 11:21 AM
0 Kudos

Any ideas why this is happening @gregorw  @MioYasutake  .

Show replies
Show replies
JinoyVarghese
Explorer
‎2025 Apr 03 6:37 AM
0 Kudos
Same issue
David21
Explorer
‎2024 Sep 05 5:06 PM
0 Kudos

I tried making changes to my xs-security file in the app that i created using the standalone router:

auth2.png

Redeployed it, And gave the role 'appTokenExchange' to my user in BTP. But it is still giving me the same error.

@gregorw 

Show replies
Show replies
gregorw
SAP Mentor
SAP Mentor
‎2024 Sep 05 7:34 PM
0 Kudos
Do you see any errors in the approuter log?
David21
Explorer
‎2024 Sep 06 12:39 PM
0 Kudos
No, there doesn't seem to be any errors in the log.
gregorw
SAP Mentor
SAP Mentor
‎2024 Sep 05 4:25 PM
0 Kudos

You need to adjust your xs-security.json to include the scope uaa.user. Check this references:

https://help.sap.com/docs/btp/sap-business-technology-platform/accessing-business-service-data?local...

https://docs.cloudfoundry.org/concepts/architecture/uaa.html#uaa-scopes

It's needed as you use the managed approuter and it does a token exchange from the Launchpad Authentication to your Applications XSUAA Instance.

Show replies
Show replies
Ask a Question