Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

trying to get role collection data from cloud foundry using API using sapui5 from SAP BAS.

sagarsingh2000
Explorer

on ‎2022 Aug 18 3:07 PM

1,968

Hi experts,

I'm trying to get role collection data of my SAP BTP cloud foundry using the REST API from API Business Hub using SAPUI5 in SAP BAS. Can you all please look at below scenario and help if I am missing out something.

Using this API "https://api.sap.com/api/AuthorizationAPI/overview" for role collection details. And this API is of type REST not ODATA.

I have done the REST(ajax) call in SAPUI5 using Business Application Studio getting ERROR: CORS Policy.

Requirement is to get Role Collections details of my cloud foundry account in SAP BTP from rest API using SAPUI5 in SAP BAS, then use the data to control the Role Collections of SAP BTP CF from custom SAPUI5 app.

Tried using destination: apiuaa.txt

part of controller where I did the ajax call: controller-part.txt

ui5.yaml file: ui5yaml.txt

ui5-local.yaml file: ui5-localyaml.txt

mta.yaml file: mtayaml.txt

xs-app.json file: xs-appjson.txt

Regards,

Sagar Singh

mtayaml.txt
controller-part.txt
ui5yaml.txt
ui5-localyaml.txt
apiuaa.txt
xs-appjson.txt

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (2)

Answers (2)

CarlosRoggan
Product and Topic Expert
Product and Topic Expert
‎2022 Aug 18 3:59 PM

Hi,

from my understanding, your question is how to avoid the CORS error?
I'm not familiar with Ui5, but I guess the answer is to use your approuter.
In your ui5 controller you would use a relative URI that points to a route.
The route then points to a destination which contains the full URL, or base URL.
I think you already prepared the xsapp.json and destination, now you just need to use them

Kind Regards,
Carlos

Show replies
Show replies
dr_vup
Contributor
‎2022 Aug 26 8:04 AM

Hey!

Carlos already did point out the correct approach. Just wanted to share with you: I am doing the same way, attaching a "beforeRequestHandler" on the approuter, before starting. With this approach I am adding a "getuserinfo" route to the approuter, because the default one does not provide the scopes of the user.

Within this approach, we can fetch the user-scopes and disable buttons, elements, whatever (btw: this is just an optical thing, of course the backend is also checking before executing something. So do not use this to actually protect something, because you can edit it on the browser site).

Show replies
Show replies
Ask a Question