cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Connect to ABAP Environment via technical user via BAS

Go to solution
raphael-l
Participant

on ‎2023 Aug 09 1:26 PM

0 Kudos
623

Hi everyone,

i'm still pretty new in the complete area of BTP/ABAP/RAP development. However, i developed a RAP app which is technical working perfect. My main problem is the user authentication.

Since this app is quite light weight and simple with no need of user change tracking etc. i wanted to use a technical user instead the standard oauth (which would include the complete way of user provisioning, role assignment etc. etc. for each user on the ABAP environment who wants to use my app).

To create my app i followed the guide here:

Create a SAP Fiori App and Deploy it to SAP BTP, ABAP Environment | Tutorials for SAP Developers

This works like a charm (incl. the destination with oauth authentication that is automatically created via BAS then) but as i said the requirement is then that every user needs to also have his own user in the ABAP environment. Which i don't want to.

I also created already a communication scenario like described in here (Expose a Standard Core Data Service for ABAP Environment | Tutorials for SAP Developers) but if i use that one during fiori creation in BAS it creates me a complete different fiori app with missing custom buttons/actions i programmed in eclipse. So my opinion is that i need to build this again by my own in the BAS if i use that odata connection (which will be automatically generated when using the standard way described above)?!

I would be happy if someone could tell me if it's possible to create the app from this tutorial (Create a SAP Fiori App and Deploy it to SAP BTP, ABAP Environment | Tutorials for SAP Developers) the same way just with a technial user instead of oAuth.

Best regards,

Raphael

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
View Entire Topic
peterpersiel
Product and Topic Expert
Product and Topic Expert
‎2023 Aug 09 2:01 PM

Hi Raphael,

I think what you are trying to achieve will not work out-of-the-box:

  • Fiori App is deployed to FLP in ABAP Environment: In order to open the FLP in ABAP Environment you need a business user in the ABAP system. There is currently no option for "anonymous" access to the FLP in the ABAP system.
  • UI annotations (https://sapui5.hana.ondemand.com/sdk/#/topic/83c89ccef12f48ab98f6c3811bd025b3😞 As you mentioned, while you exposed your service via communication scenario instead, buttons/actions were missing: This is due to missing UI annotations that are usually retrieved from service catalog service that is only accessible via business user.

You could deploy your Fiori app separate from your ABAP backend artefacts to HTML5 Applications Repository in BTP, please refer to SAP Fiori Applications in the Cloud Foundry Environment.

A workaround for your UI annotations, that are usually retrieved from catalog service in the backend, could be to provide them in a local annotation file in your Fiori app. But this has certain drawbacks.

Best regards,
Peter

Show replies
Show replies
raphael-l
Participant
‎2023 Aug 09 2:55 PM
0 Kudos

Hi peterpersiel ,

thanks for the feedback.

Actually i don't want to do it "anonymous". I would be even fine to create a business user (call it "Technical User RAP") and access/open FLP with this fixed user from my App for everybody using my app. But i even think this is also not possible?!

And about deployment. My App is deployed as HTML5 Application and even provided via SAP Cloud Portal Service. But i think that will not help me to get the "annotations" etc.

The big disadvantage about this complete architecture is that it needs user provisioning for the ABAP Environment which is nothing you setup on-the-fly in a real environment (lot of questions comes up like where to get User via IPS and how to distribute roles etc. etc.). Especially if you just have a small RAP App.

peterpersiel
Product and Topic Expert
Product and Topic Expert
‎2023 Aug 09 3:15 PM
0 Kudos

Regarding the missing UI annotations: You should be able to find a file annotation.xml in your Fiori app project folder if is a Fiori Elements application. You can use this file for local annotations if these are not provided by you backend service.

As you mentioned both CF deployment and ABAP deployment require a business user (it can be a fixed or a personalized business user) in the ABAP system.
You can find information about the deployment options here: UI Development

As a starting point I would always recommend to deploy both frontend and backend artefacts to the ABAP system as this provides the same lifecycle management for all involved objects.

For user provisioning aspects, please refer to: User Provisioning

Ask a Question