cancel
Showing results for 
Search instead for 
Did you mean: 

Journey Build side-by-side extensions on SAP BTP: I always get Forbidden error in CF.

Jeff_G
Associate
Associate
0 Kudos
958

Hi, 

The app works correctly in BAS.  In BAS, I can log in as riskmanager.  In CF I always get the "Forbidden" error: 

Jeff_G_0-1675966683531.png

The journey mentions this may happen.  I have cleared the cookies and cache in the browser many times.  I have rebooted my laptop.  I have assigned the "RiskManager" role to my BTP email address.  What else do I need to do to be able to log into this app in CF?  

Thanks, 

Jeff

 

Jeff_G
Associate
Associate
0 Kudos

My mta.yaml file:

_schema-version: '3.1'
ID: risk-management
version: 2.0.0
description: "Template for the Learning Journey Building side-by-side extensions on SAP BTP"
parameters:
  enable-parallel-deployments: true
build-parameters:
  before-all:
    - builder: custom
      commands:
        - npx -p @Former Member/cds-dk cds build --production
modules:
  - name: risk-management-srv
    type: nodejs
    path: gen/srv
    parameters:
      buildpack: nodejs_buildpack
    build-parameters:
      builder: npm-ci
    provides:
      - name: srv-api # required by consumers of CAP services (e.g. approuter)
        properties:
          srv-url: ${default-url}
    requires:
      - name: risk-management-db
      - name: risk-management-auth

  - name: risk-management-db-deployer
    type: hdb
    path: gen/db
    parameters:
      buildpack: nodejs_buildpack
    requires:
      - name: risk-management-db

  - name: risk-management
    type: approuter.nodejs
    path: app/ # from cds.env.folders. Consider also cds.env.build.target -> gen/app
    parameters:
      keep-existing-routes: true
      disk-quota: 256M
      memory: 256M
    requires:
      - name: srv-api
        group: destinations
        properties:
          name: srv-api # must be used in xs-app.json as well
          url: ~{srv-url}
          forwardAuthToken: true
      - name: risk-management-auth

resources:
  - name: risk-management-db
    type: com.sap.xs.hdi-container
    parameters:
      service: hana
      service-plan: hdi-shared
  - name: risk-management-auth
    type: org.cloudfoundry.managed-service
    parameters:
      service: xsuaa
      service-plan: application
      path: ./xs-security.json
      config:
        xsappname: risk-management-${org}-${space}
        tenant-mode: dedicated        
        role-collections:
        - name: 'RiskManager-${space}'
          description: Manage Risks
          role-template-references:
          - $XSAPPNAME.RiskManager
        - name: 'RiskViewer-${space}'
          description: View Risks
          role-template-references:
          - $XSAPPNAME.RiskViewer
        oauth2-configuration:
          redirect-uris:
            #- https:///login/callback
            - https://0*******trial-dev-risk-management.cfapps.us10-001.hana.ondemand.com/login/callback

 

Margit_Wagner
Product and Topic Expert
Product and Topic Expert
0 Kudos

Hi @Jeff_G 
We have received your request and are in the process of evaluating the problem.
Please allow for a delay in our response.
Kind regards
Margit  

InesRomero
Discoverer
0 Kudos

Hi @Jeff_G ,

I have the same problem as you, have you found the solution?

Thank you

Accepted Solutions (0)

Answers (0)