cancel
Showing results for 
Search instead for 
Did you mean: 

SAP UI5 Application to Pass User ID on headers to external API through destination

vinoth_sukumar
Explorer
0 Kudos

Hi,

I'm looking to call an external API from a UI5 application in BTP and the requirement is to pass the user ID to the headers/query parameters or body of the API.

But, we need to make this user ID being passed without being visible in the console of the browser.

API works based on basic authentication which is configured on the destination.

Is there a way to achieve this?

I'm wondering if any additional properties in the destination could help to pass the user Id or email to the API, that way front-end app or the browser won't know about the details.

Please share.

Thanks,

Vinoth

gregorw
Active Contributor
0 Kudos

Are you using standalone or managed approuter to serve the application?

vinoth_sukumar
Explorer
0 Kudos

Hi Gregor,

It is a standalone application.

Thanks,

Vinoth

Accepted Solutions (0)

Answers (3)

Answers (3)

quovadis
Product and Topic Expert
Product and Topic Expert
0 Kudos

Hello vinoth.sukumar ,

You might want to have a look at the following blogposts of mine, especially that you rely on the SAP managed approuter as I do:

Long story short you can have all the things like the user id embedded in the JWT token being passed in the Authorization header of your API.

I hope that helps; Piotr

gregorw
Active Contributor
0 Kudos

Can you point to the section where you describe this case? Haven't found it.

vinoth_sukumar
Explorer
0 Kudos

Hi Piotr,

Thanks for sharing, It was helpful to understand Kyma, but we don't have Kyma in our environment, anything similar is possible with CF?

Thanks,

Vinoth

gregorw
Active Contributor
0 Kudos

Hi Piotr,

Vinoth was asking for:

"pass the user ID to the headers/query parameters or body of the API."

You suggest that the backend app should evaluate the JWT or?

CU
Gregor

quovadis
Product and Topic Expert
Product and Topic Expert
0 Kudos

Hi Gregor, indeed the backend application should be relying on a JWT token (passed to it in the Authorization header); Thx; Piotr

gregorw
Active Contributor
0 Kudos

As you can't extend managed Approuter you have you either use SAP API Management, Cloud Integration or a custom CAP application to achieve this requirement.

vinoth_sukumar
Explorer
0 Kudos

Hi Gregor,

Thanks, I think adding another layer as you mentioned is the only way to achieve this, or perhaps another option is to consider enabling principal propagation authentication with the back end service, as our external API is connected via cloud connector, any thoughts?

I was hoping to send dynamic values from the additional properties to header or query parameters, Additional parameter "sap.query" in destination has no effect | SAP Community. Is it possible to send dynamic values to headers?

Thanks,

Vinoth

gregorw
Active Contributor
0 Kudos

Based on the documentation of approuter - Destination service only:

URL.headers.<header-name>

and not:

URL.query.<header-name>

which seems to be only supported by SAP Cloud SDK.

gregorw
Active Contributor
0 Kudos

Then you should check the documentation: Extending Application Router

vinoth_sukumar
Explorer
0 Kudos

Hi Gregor,

Apologies, we are using Managed App router for HTML5 applications, which are accessed from work zone standard edition tiles.

Regards,

Vinoth