Showing results for 
Search instead for 
Did you mean: 

How to establish trust between two XSUAA protected approuters?

0 Kudos

Hello community,

we are trying to nest one SAPUI5 component in another. While this is usually easily done by leveraging the component container control, our target setup seems to be challenging.

Application 1 is served via. a standalone approuter and nests Application 2 which is deployed to the HTML5 Application Repository and is served via the managed approuter. Both applications are XSUAA protected use the same identity provider.



The challenge seems to be the authorization part in the nesting process. The request from Application 1 to Application 2 always results in an HTTP 401, no matter the destinations authentication type and configuration.

Application 2 needs to be XSUAA protected to be able to use Principal Propagation to call ERP resources.

Is this setup technically possible? If so, how can we achieve it?

Thank you in advance,

Accepted Solutions (0)

Answers (0)