In case of any doubt, it is suggested to use SAP standard communication.
Regardless of the used front end technology, an application can talk to the system/account where it originates. Direct access to other systems, like the Business ByDesign system, might be restricted for security reasons.
For testing purposes, a browser with disabled security can be used, e.g. Google Chrome. To do this:
Close all open Google Chrome instances.
Start the browser from the command line (e.g. Win+R) with exe --disable-web-security --user-data-dir=c:\temp .
Cookies should be allowed.
It is recommended to use an SAP standard communication, e.g. to define a secure connection from an SAP Cloud Platform account to the Business ByDesign system and use this to access the Business ByDesign system including OData services.
In the same way, security might restrict direct access to other external sources.
If a direct connection is not possible, it is recommended to tunnel required data via secure channels. This could mean to create further secure connections from an SCP account to other Business ByDesign systems or to establish a secure connection from a Business ByDesign system to the external source.