Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
martin_blust
Product and Topic Expert
Product and Topic Expert
19,259
In SAP Business Technology Platform, you can't help coming across the UAA since it enables you to log in or log out. The full name for UAA is User Account and Authentication. This doesn't explain much, though. Unfortunately, we talk about UAA, CFUAA, XSUAA, Platform UAA in SAP BTP. Is this all the same? Or are these four different UAAs?

 

Let's give it a try and explain UAA:

 

CFUAA


CFUAA stands for Cloud Foundry User Account and Authentication. It is the implementation of the UAA of the Open Source Cloud Application Platform Cloud Foundry. UAA is an open source project of Cloud Foundry and it is available through a variety of private cloud distributions. SAP is a major contributor. In developer speak, the term CFUAA is used to distinguish the UAA of Cloud Foundry from the XSUAA.

Link: https://www.cloudfoundry.org/

 

Platform UAA


At SAP, the Platform UAA is often simply called UAA. It is an open source UAA of Cloud Foundry (or CFUAA), but it is deployed in the Cloud Foundry environment of SAP BTP.

The Platform UAA manages the platform users (space developers and administrators). The platform users are allowed to use the cockpit and to interact with the Cloud Controller. They can use the Cloud Foundry CLI, push and scale applications, and create service instances. Platform users are authenticated via SAP ID service.

 

XSUAA


The XSUAA has been developed by SAP. It is an extension of the CFUAA and acts as the central infrastructure component of the Cloud Foundry environment at SAP BTP for business user authentication and authorization. SAP has enhanced the CFUAA by adding a service broker, multitenancy, management API functions, and some minor enhancements. The XSUAA manages business users and enables them to authenticate to applications deployed in SAP BTP.

Links:

What Is the SAP Authorization and Trust Management Service?

Web Access Control

API Access Control
5 Comments