cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Consume CDS CAP oData Service by Workzone UI Integration Card

Go to solution
ckuczera
Participant

on ‎2024 Aug 16 8:02 AM

0 Kudos
735

Dear Community

I am facing an issue while accessing Information from an oData v4 Service based on CAP CDS by an UI integration card in Workzone.

The service is setup and running as a service instance in BTP. I have created a destination pointing to the CAP service manually to ensure SSO access to the service:

ckuczera_0-1723791596247.png

Till now everything works like a charm. I can access the service via Workzone dynamic destination from the ui integration card:

ckuczera_1-1723791596249.png

But: each time I am deploying the service and the bound uaa instance, the client secret is regenerated and the SSO breaks:

ckuczera_2-1723791596251.png

I need to update the client secret in the destination manually. After updating the client-secret in the destination, SSO is enabled again, and the access is possible.

Is there a way to create / update the destination automatically after deployment of the service or fix the client secret as it is fixed for client id and the certificate?

Is there another way to consume the service I missed?

Addressing the approuter of the service directly leads to a cors exception in the browser and will not be an option.

BR and thanks for your feedback

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
ahmet_pelit
Explorer
‎2025 Jan 06 12:07 PM
0 Kudos

Hi ckuczera,

what are the exact authentacaion parameters on destination? (sap.cloud.service)
I am developing application with saas architecture. I need consume a cds service for each tenant but I did not figure out how do do it. Have you any idea what is the key point? 

ahmet_pelit
Explorer
‎2025 Jan 06 12:07 PM
0 Kudos
Hi ckuczera
View Entire Topic
MioYasutake
Active Contributor
‎2024 Aug 16 10:54 AM
0 Kudos

@ckuczera 

I assume that your XSUAA instance is using binding secret, and you configure the destination referring to a secret bound to the CAP service.

 

"oauth2-configuration": {
    "credential-types": ["binding-secret"]
}

 

With the above setting, a new secret is generated every time the app is deployed. I suggest creating a new service key for the XSUAA instance and configuring the destination to refer to the secret of the service key. This way, the secret bound to the CAP service and the secret for the destination can be separated.

 

Show replies
Show replies
ckuczera
Participant
‎2024 Aug 17 4:42 AM
0 Kudos

@MioYasutakeThank you for the hint

after adding the following lines to the xs-security.json and chaning. to "instance-secret" the client secret is not getting regenerated after each deployment

"oauth2-configuration": {
    "credential-types": ["instance-secret"]
}
Ask a Question