Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

How to configure unauthenticated access to SAP CAP Service for specific UI5 apps?

Hollix
Explorer

on ‎2025 Mar 21 9:34 AM

0 Likes
1,519

Hi Community,

I'm currently facing an issue with authentication in my SAP CAP project. My tech stack includes Cloud Foundry, SAP CAP, HANA Cloud database, MTA, OData V4, and NodeJS.

We have around 15 apps deployed, and out of these, two UI5 apps need to access the same CAP service without requiring user login. Initially, I tried using a fixed user embedded within the UI, using JWT tokens to authorize calls to the service, but unfortunately, this didn't resolve the issue. Whenever I try to access the service, I'm redirected to the login page.

I've also attempted to use mocked authentication in the package.json, but the issue persists. Here's an excerpt from my package.json configuration:

 

{
   "cds":{
      "sql":{
         "native_hana_associations":false
      },
      "requires":{
         "[production]":{
            "db":"hana"
         },
         "app-service":{
            "impl":"@sap/low-code-event-handler"
         },
         "auth":{
            "restrict_all_services":false,
            "[development]":{
               "kind":"dummy"
            },
            "[production]":{
               "auth":{
                  "kind":"mocked",
                  "users":{
                     "alice":{
                        "password":"Test1234!",
                        "roles":[
                           "admin"
                        ]
                     }
                  }
               }
            }
         }
      }
   }
}

 

Despite the above configuration, accessing the service always redirects me to the login page.

Has anyone successfully implemented a similar scenario or have insights on how to correctly configure unauthenticated access for specific apps?

Thank you in advance for any advice!

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
MioYasutake
SAP Champion
SAP Champion
‎2025 Mar 24 9:58 AM
@Hollix How do users access the app? Via Work Zone (managed approuter) or a standalone approuter?
scatudal
Product and Topic Expert
Product and Topic Expert
‎2025 Aug 27 2:22 AM
0 Likes
Have you found a solution to handle your anonymous scenario? We have a very similar problem.

Accepted Solutions (0)

Answers (2)

Answers (2)

Hollix
Explorer
‎2025 Mar 24 10:03 AM
0 Likes

@MioYasutake 

Users get access through standalone approuter
Show replies
Show replies
MioYasutake
SAP Champion
SAP Champion
‎2025 Mar 24 10:52 AM
0 Likes
@Hollix Is the authentication required when you access the UI, or when you hit the service endpoint after opening the UI?
Hollix
Explorer
‎2025 Mar 24 12:34 PM
0 Likes

@MioYasutakewe disabled the authentication for loading the UI via xs-app.json for the specific apps, that works. But the service is not loading without any authentication

Willem_Pardaens
Product and Topic Expert
Product and Topic Expert
‎2025 Mar 24 6:47 AM
0 Likes

Could you try and fix your json to remove the double "auth"?

Now your production profile has: "auth": { "auth": { .. } }

Show replies
Show replies
Hollix
Explorer
‎2025 Mar 24 8:36 AM
0 Likes
Thank you for your help, I tried it that way, but unfortunately the result did not change. Do you have any other ideas or a running sample on Git etc.?
Ask a Question