Showing results for 
Search instead for 
Did you mean: 

Inbound Communication on SAP BTP and Cloud Foundry Application

0 Kudos


I'm studying the SAP BTP and have a question about it.

Here’s the scenario: from C4C, using a webhook (triggered by a ticket update), an HTTP request is sent to an application (python-based) I developed and deployed on Cloud Foundry in the BTP. This application performs certain tasks and then connects to the SAP AI Core service.

My concern is about managing communications securely (authentication, etc.) both inbound and outbound from my application. If I understand correctly, I can use "destinations" to manage outbound communications. However, it's not clear to me how to handle inbound communications: at the moment, anyone who has the endpoint where my application is exposed can access the service. So, how do I implement an authentication mechanism?

I’ve looked through the documentation, the Learning Hub, and community blogs, but I’m a little bit confused. For example, I learned about the XSUAA service, but it permits to design a login form for any user, that is not what I need, since I want a secure communication between C4C and my application.

View Entire Topic
Product and Topic Expert
Product and Topic Expert
0 Kudos


You're on the right track: the xsuaa service will be the solution to securing your app. Once you enabled this and bind it to your application, you can create a service key with will give you a client id, client secret and token url which you can use to generate an oAuth token to be used to access your application, without passing the login UI. If you want the UI flow as well you will need an approuter too. This tutorial seems to match your goal (though you can skip the approuter part and focus on the xsuaa and python code to validate authorization header):

Good luck!