gdata.io.handleScriptLoaded({"version":"1.0","encoding":"UTF-8","feed":{"xmlns":"http://www.w3.org/2005/Atom","xmlns$openSearch":"http://a9.com/-/spec/opensearchrss/1.0/","xmlns$gd":"http://schemas.google.com/g/2005","xmlns$georss":"http://www.georss.org/georss","xmlns$thr":"http://purl.org/syndication/thread/1.0","xmlns$blogger":"http://schemas.google.com/blogger/2008","id":{"$t":"tag:blogger.com,1999:blog-3826368468004556615"},"updated":{"$t":"2023-12-26T13:46:15.660-08:00"},"category":[{"term":"scp"},{"term":"SAP ABAP"},{"term":"Tutorial series on SAP Enterpise Portal"},{"term":"geocoder"},{"term":"export sapui5 project"},{"term":"events in classical reports"},{"term":"util"},{"term":"layout"},{"term":"pull"},{"term":"joins"},{"term":"tables"},{"term":"SEGW"},{"term":"viz charts"},{"term":"sap cloud platform mobile services"},{"term":"types of views"},{"term":"Security Considerations"},{"term":"sap web ide deprecated"},{"term":"pool"},{"term":"SAP ABAP function modules"},{"term":"tree table"},{"term":"cloud foundry"},{"term":"custom login page"},{"term":"sap cloud platform for portal sites"},{"term":"admin cockpit sap cloud mobile services"},{"term":"Introduction to SAP portal sites"},{"term":"srv"},{"term":"hcp"},{"term":"OOPs Concepts"},{"term":"sap fiori tools"},{"term":"SAP ABAP Blog."},{"term":"export sap projects"},{"term":"ui5"},{"term":"maintainability"},{"term":"associations"},{"term":"combo box"},{"term":"SAP BAS"},{"term":"Logon Page in Enterprise Portal"},{"term":"margins"},{"term":"Web IDE"},{"term":"mtar"},{"term":"CAP"},{"term":"ABAP Development"},{"term":"sap viz frame"},{"term":"sort"},{"term":"Plugin"},{"term":"appearance"},{"term":"workflow"},{"term":"Agile Development"},{"term":"architecture of sap fiori"},{"term":"outer join"},{"term":"SAP S/4HANA"},{"term":"sap fiori"},{"term":"Data Storage"},{"term":"file"},{"term":"SAP overview"},{"term":"function"},{"term":"Sapui5 jobs"},{"term":"Classical report"},{"term":"sap fiori tutorial"},{"term":"webIDE application"},{"term":"Installation of sap ui5 plugin"},{"term":"app router"},{"term":"Scalable Applications"},{"term":"smarttable"},{"term":"odata tutorial"},{"term":"sap enterprise portal"},{"term":"vizframe control"},{"term":"stage"},{"term":"events"},{"term":"selected index"},{"term":"tab"},{"term":"How to export SAP Web IDE Workspace projects"},{"term":"hello world application"},{"term":"SAPUI5 data communication"},{"term":"online training abap"},{"term":"SAP NetWeaver Portal"},{"term":"apps"},{"term":"pfcg"},{"term":"sap mobility jobs"},{"term":"commit"},{"term":"launchpad"},{"term":"DPC"},{"term":"Pass by value and return"},{"term":"routing in split app"},{"term":"Module Pool"},{"term":"sapui5 xml editor"},{"term":"sap.m.list"},{"term":"searching"},{"term":"tag"},{"term":"CAPM Apps"},{"term":"css folder"},{"term":"get expanded entity"},{"term":"ABAP Job Preparation"},{"term":"mta"},{"term":"custom image"},{"term":"xlsx"},{"term":"Mock data"},{"term":"multi target application"},{"term":"javascript"},{"term":"Routing"},{"term":"responsive table in sapui5"},{"term":"add and delete operation"},{"term":"csv upload validation"},{"term":"saml"},{"term":"external library"},{"term":"ALV programming examples"},{"term":"sap btp"},{"term":"Custom Controls"},{"term":"Project structure"},{"term":"openui5"},{"term":"dv"},{"term":"create destinations to connect mobile services from sap web ide"},{"term":"sap custom portal sites"},{"term":"modules"},{"term":"Interactive Reports"},{"term":"user experience sap"},{"term":"odata v2"},{"term":"ABAP New Features"},{"term":"Developer Tips"},{"term":"sap fiori launchpad configuration"},{"term":"Logon to SAP ABAP"},{"term":"cloud foundary"},{"term":"SAP ABAP Certification"},{"term":"Tutorials"},{"term":"ABAP Interview Questions"},{"term":"controller"},{"term":"Routing in sapui5"},{"term":"Environment variables"},{"term":"ALV reports"},{"term":"Transport Request Number"},{"term":"sap fiori enterprise portal"},{"term":"CSN"},{"term":"Parts"},{"term":"jwt token"},{"term":"register cloud platform"},{"term":"annotations"},{"term":"Navigation Properties"},{"term":"component.js"},{"term":"deman pop-in"},{"term":"configure catalogs and groups"},{"term":"Best practices"},{"term":"local service"},{"term":"sap web ide"},{"term":"i18n"},{"term":"Dialog sapui5"},{"term":"chrome"},{"term":"ABAP Coding Best Practices"},{"term":"HANA Modeling"},{"term":"charts in sapui5"},{"term":"sap fiori enterprise portal sites"},{"term":"google maps"},{"term":"SAP Business Technology Platform"},{"term":"formatters"},{"term":"resource bundle"},{"term":"Pass by reference"},{"term":"pass multiple values"},{"term":"projection views"},{"term":"sapui5 diagnostics window"},{"term":"web dynpro"},{"term":"webapp"},{"term":"get expanded entityset"},{"term":"Setting Up an App Router in SAP CAPM Project on BTP: A Step-by-Step Guide"},{"term":"help views"},{"term":"BDC"},{"term":"contrller"},{"term":"video tutorial on nested views and fragments"},{"term":"iwfnd"},{"term":"odata"},{"term":"debugging javascript files"},{"term":"smart table"},{"term":"SAP Programming"},{"term":"SAP Development"},{"term":"SAP netweaver gateway"},{"term":"api"},{"term":"Blobs in JavaScript"},{"term":"sap fiori apps"},{"term":"Visual studio code"},{"term":"How to Change logon Page of Enterprise Portal"},{"term":"dynamic"},{"term":"sapui5 code editor"},{"term":"git"},{"term":"xml code editor"},{"term":"Transaction code"},{"term":"parameter"},{"term":"ABAP on HANA interview questions and answers"},{"term":"Global sub routines"},{"term":"interactive reports example"},{"term":"layouts"},{"term":"ABAP List Viewer"},{"term":"JDK"},{"term":"filter"},{"term":"Fragment in sapui5"},{"term":"controller.js"},{"term":"video tutorial on globalization"},{"term":"CLASSICAL REPORTS"},{"term":"Sorting"},{"term":"odata v4"},{"term":"CRUD operations"},{"term":"create OData service"},{"term":"crud"},{"term":"Navigation"},{"term":"authorization"},{"term":"responsive"},{"term":"SAP functional modules"},{"term":"validate using headers"},{"term":"CDL"},{"term":"SUB ROUTINES"},{"term":"interactive reports events"},{"term":"sheet.js"},{"term":"MDK introduction"},{"term":"SAP Bussiness Application Studio"},{"term":"begin set"},{"term":"UI5 Inspector"},{"term":"get cursor"},{"term":"drag and drop"},{"term":"component preload"},{"term":"ABAP"},{"term":"spider chart"},{"term":"interview tips"},{"term":"view"},{"term":"Sap RAP"},{"term":"Answers"},{"term":"Templates and Accelerators in SAP Portal sites"},{"term":"work Area"},{"term":"SAP ABAP on HANA"},{"term":"sap webide"},{"term":"read"},{"term":"ABAP HANA Integration"},{"term":"sap MDK"},{"term":"ABAP 7.5"},{"term":"submitbatch"},{"term":"version"},{"term":"transparent"},{"term":"Microservices in SAP BTP"},{"term":"resources"},{"term":"import"},{"term":"SAP Data Presentation"},{"term":"create"},{"term":"SAP ECC"},{"term":"debug files in production environment"},{"term":"sap fiori configuration cockpit portal sites"},{"term":"SAP cloud solutions"},{"term":"speech recognition"},{"term":"groups"},{"term":"icf"},{"term":"ABAP 7.6"},{"term":"custom control"},{"term":"configuring destination in sap web ide"},{"term":"viz control"},{"term":"Mta yaml"},{"term":"odata deep structures"},{"term":"BAS"},{"term":"push"},{"term":"ios"},{"term":"data element"},{"term":"search"},{"term":"ALV Grid Report"},{"term":"Internal Tables"},{"term":"properties"},{"term":"minScreenWidth"},{"term":"configuring tiles"},{"term":"aggregation binding"},{"term":"grouping"},{"term":"controller hooks"},{"term":"portal site"},{"term":"import project"},{"term":"ABAP Developer Tips"},{"term":"json model"},{"term":"Introduction"},{"term":"branding"},{"term":"list"},{"term":"SAP Technical Interviews"},{"term":"android"},{"term":"package"},{"term":"SAP Fiori Configuration cockpit"},{"term":"create cloud foundary account"},{"term":"sap app"},{"term":"custom sapui5 app extension"},{"term":"edit"},{"term":"SAP ABAP views"},{"term":"excel"},{"term":"ABAP Code Examples"},{"term":"SmartForms"},{"term":"logo"},{"term":"sap freestyle portal sites"},{"term":"HANA Development"},{"term":"fiori apps"},{"term":"Image Upload"},{"term":"javascript code editor"},{"term":"OData v4 advantages"},{"term":"Development"},{"term":"index of list"},{"term":"offline capabilities"},{"term":"containers"},{"term":"portal"},{"term":"changeset"},{"term":"Binary Data Handling"},{"term":"distance"},{"term":"sap cloud foundary"},{"term":"technical interview questions"},{"term":"Cloud Application Programming Model"},{"term":"implementing SAP Fiori"},{"term":"odat v4"},{"term":"MockSever"},{"term":"Event Handling"},{"term":"local development"},{"term":"RAP Implementation"},{"term":"sap ui5 excel upload"},{"term":"Data types"},{"term":"How to get Selected table index value?"},{"term":"xml view"},{"term":"hierarchial ALV"},{"term":"extending apps"},{"term":"sap capm"},{"term":"manifest.json"},{"term":"DDIC"},{"term":"ABAP Data Modeling"},{"term":"reports"},{"term":"User Interaction"},{"term":"batch processing in OData"},{"term":"login"},{"term":"sap backend system"},{"term":"event"},{"term":"authentication"},{"term":"css"},{"term":"job search"},{"term":"types of subroutines"},{"term":"LOCAL SUB ROUTINES"},{"term":"mobile development kit"},{"term":"item"},{"term":"sap fiori portal site"},{"term":"enable sap web ide"},{"term":"use strict"},{"term":"json"},{"term":"routing in full application"},{"term":"Introduction to sap enterprise portal"},{"term":"doalog"},{"term":"CDS"},{"term":"chart.js"},{"term":"Mdk app"},{"term":"ALE"},{"term":"mfa"},{"term":"view extensions"},{"term":"sap abap tutorials"},{"term":"system objects"},{"term":"maint_service"},{"term":"introduction to sapui5"},{"term":"Dev Tools"},{"term":"Configure Catalog and Groups in SAP Fiori Portal Sites"},{"term":"design principles"},{"term":"component configuration"},{"term":"ABAP Job Interview Insights"},{"term":"rest"},{"term":"sap fiori launchpad"},{"term":"google maps api"},{"term":"MPC"},{"term":"inline expressions"},{"term":"data binding"},{"term":"table"},{"term":"cache buster"},{"term":"setup"},{"term":"tiles"},{"term":"HANA Performance Tuning."},{"term":"Pass by value (or) call by value"},{"term":"beginset"},{"term":"path"},{"term":"XS-UAA"},{"term":"model folder"},{"term":"sapui5"},{"term":"view replacement"},{"term":"introduction to ERP"},{"term":"example classical report example"},{"term":"SAP MTA"},{"term":"external style"},{"term":"Internal Table"},{"term":"step by step process to create odata"},{"term":"update"},{"term":"add"},{"term":"walkthrough admin cockpit"},{"term":"fiori"},{"term":"python"},{"term":"hello world"},{"term":"sapui5 code validator"},{"term":"responsiveness"},{"term":"node.js"},{"term":"Search Help in DDIC"},{"term":"backend components"},{"term":"custom fiori app"},{"term":"xs security"},{"term":"introduction to sap web ide"},{"term":"SAP CAP"},{"term":"SAP technical modules"},{"term":"inner join"},{"term":"string"},{"term":"internal style"},{"term":"lpd_cust"},{"term":"radar chart"},{"term":"csv"},{"term":"OData v2 vs. OData v4"},{"term":"validation"},{"term":"nested view"},{"term":"push a project in github"},{"term":"aggregations"},{"term":"charts"},{"term":"SAP Fiori Launchpad Portal Site"},{"term":"sapui5 project"},{"term":"introduction to odata annotations"},{"term":"export project"},{"term":"types of tables"},{"term":"operations on internal table"},{"term":"large string"},{"term":"Activate OData Service in SICF"},{"term":"sapui5 lint"},{"term":"Most common examples in sap ui5"},{"term":"video tutorial on formatter and inline expressions"},{"term":"pdf"},{"term":"fiori launchpad"},{"term":"extending sapui5 apps"},{"term":"sap mobile services"},{"term":"sap mobile services tutorial"},{"term":"sap portal site"},{"term":"Fragment"},{"term":"Configuring Fiori Tiles in sap portal sites"},{"term":"mdk"},{"term":"annotations in OData"},{"term":"sap mobile development kit"},{"term":"metadata.xml"},{"term":"SAP Mobile cards"},{"term":"SAP ABAP video tutorials"},{"term":"btp"},{"term":"setup sap bussiness application studio"},{"term":"ABAP Innovations"},{"term":"Introduction and DDIC"},{"term":"introduction to sap fiori"},{"term":"optimization"},{"term":"examples"},{"term":"- SAP ABAP performance optimization\n\n- ABAP performance tuning\n\n- SAP ABAP best practices\n\n- SAP ABAP performance tips\n\n- ABAP performance optimization techniques\n\n- SAP ABAP performance improvements"},{"term":"sap"},{"term":"SAP Tech Trends"},{"term":"sapui5 csv file upload import"},{"term":"sap.m.table"},{"term":"frontend components"},{"term":"Field Catalog"},{"term":"File Manipulation"},{"term":"SAP RAP Tutorial"},{"term":"js"},{"term":"mobile services in cloud foundary"},{"term":"sicf"},{"term":"roles"},{"term":"file reader"},{"term":"maintainence view"},{"term":"Security"},{"term":"SAP implementation."},{"term":"domain"},{"term":"sap cloud platform SDK"},{"term":"Globalization and localization"},{"term":"xml"},{"term":"marker"},{"term":"SAP Interview Prep"},{"term":"sap web IDE Workspace export"},{"term":"re usability"},{"term":"sapui5 nested view"},{"term":"voice recognition"},{"term":"sap fiori application"},{"term":"video tutorial on routing"},{"term":"Offline app"},{"term":"index"},{"term":"Latest ABAP FAQs"},{"term":"Naming conventions"},{"term":"fiori tiles"},{"term":"fiori jobs"},{"term":"SAPui5 application on SAP bussiness application studio"},{"term":"database views"},{"term":"upload"},{"term":"sapui5 excel import"},{"term":"Batch"},{"term":"sapui5 project structuring"},{"term":"token"},{"term":"handling localized texts"},{"term":"globalization"},{"term":"SAP HANA clould cockpit"},{"term":"deploy to cloud foundry"},{"term":"test Odata service"},{"term":"github"},{"term":"sap fiori jobs"},{"term":"sap cloud platform"},{"term":"capm"},{"term":"sapui5 github"},{"term":"formatter"},{"term":"cluster"},{"term":"ALV Grid Tutorial"},{"term":"controller extension"},{"term":"fiori app"},{"term":"view extension"},{"term":"Cloud-Native Architecture"},{"term":"HANA"},{"term":"multi cloud environment"},{"term":"interview questions"},{"term":"filtering"},{"term":"ABAP CDS Views"},{"term":"variable names"},{"term":"CQL"},{"term":"gulp"},{"term":"boolean"},{"term":"SAP modules"},{"term":"delete"},{"term":"logon page"},{"term":"introduction to sap abap"},{"term":"sapui5 apps"},{"term":"pull a project"},{"term":"split app"},{"term":"sapui5 best practices"},{"term":"read table"},{"term":"SAP OData"},{"term":"Debugging ABAP"},{"term":"universal worklist"},{"term":"expression"},{"term":"controls and views"},{"term":"Custom control to make a Radar Chart using Chart.js library in SAPUI5."},{"term":"Cache"},{"term":"view modification"},{"term":"odata tutorial series"},{"term":"xls"},{"term":"sap BTP CAPM"},{"term":"append operation"},{"term":"code quality"},{"term":"example of CAP"},{"term":"header item relationship"},{"term":"launchpad configuration"},{"term":"Latest ABAP Updates"},{"term":"sap ui5"},{"term":"dataset"},{"term":"register odata service"},{"term":"padding"},{"term":"RAP"},{"term":"OData v2 benefits"},{"term":"v4"},{"term":"ABAP Enhancements"},{"term":"responsive table"},{"term":"npm"},{"term":"RAP Model"},{"term":"catalogs"},{"term":"sap fiori elements"},{"term":"login configuration"},{"term":"Web Application Development"},{"term":"application"},{"term":"value"},{"term":"enterprise portal"},{"term":"selected"}],"title":{"type":"text","$t":"SAP Development: Mastering SAP UI5, BTP, Fiori, CAPM, RAP, ABAP; and More!"},"subtitle":{"type":"html","$t":"Welcome to the ultimate SAP UI5, BTP, Fiori, CAPM, RAP, ABAP blog! Explore comprehensive tutorials, interview questions, and real-world examples to master SAP development. Elevate your skills in creating stunning UI5 apps, harnessing the power of BTP, and building Fiori applications. Unlock the potential of CAPM, RAP, and ABAP, and learn to integrate seamlessly with the enterprise portal. Whether you're a beginner or an experienced developer, this blog is your go-to resource for SAP expertise!"},"link":[{"rel":"http://schemas.google.com/g/2005#feed","type":"application/atom+xml","href":"https://www.blogger.com/feeds/3826368468004556615/posts/default/-/authentication?alt\u003djson-in-script\u0026max-results\u003d50"},{"rel":"self","type":"application/atom+xml","href":"https://www.blogger.com/feeds/3826368468004556615/posts/default/-/authentication?alt\u003djson-in-script\u0026max-results\u003d50"},{"rel":"alternate","type":"text/html","href":"http://www.sapui5tutors.com/search/label/authentication"},{"rel":"hub","href":"http://pubsubhubbub.appspot.com/"}],"author":[{"name":{"$t":"Sanjo Thomas"},"uri":{"$t":"https://www.blogger.com/profile/06687889588258406801"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"35","height":"35","src":"//www.blogger.com/img/blogger_logo_round_35.png"}}],"generator":{"version":"7.00","uri":"https://www.blogger.com","$t":"Blogger"},"openSearch$totalResults":{"$t":"3"},"openSearch$startIndex":{"$t":"1"},"openSearch$itemsPerPage":{"$t":"50"},"entry":[{"id":{"$t":"tag:blogger.com,1999:blog-3826368468004556615.post-7264264376737924104"},"published":{"$t":"2023-06-30T20:58:00.001-07:00"},"updated":{"$t":"2023-06-30T20:58:03.647-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"authentication"},{"scheme":"http://www.blogger.com/atom/ns#","term":"app router"},{"scheme":"http://www.blogger.com/atom/ns#","term":"authorization"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Routing"},{"scheme":"http://www.blogger.com/atom/ns#","term":"sap btp"},{"scheme":"http://www.blogger.com/atom/ns#","term":"sap capm"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Navigation"}],"title":{"type":"text","$t":"Understanding App Router in Sap BTP CAPM Environment"},"content":{"type":"html","$t":"\u003cp\u003eIn this blog post, we will look into the concept of the App Router and explore its significance within the SAP BTP CAPM project environment.\u003c/p\u003e\u003cdiv class\u003d\"separator\" style\u003d\"clear: both; text-align: center;\"\u003e\u003ca href\u003d\"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjotUO71yyQpWHSMOrGKxoF-l6hc6YoJElkzG0mag1aJiPRPHBHdNEf4eIHgRImvbqOysWg-QS44V0dfflovdac15_pFb7iW6N80COwS25w0BoFWu-UI-F5XdKB7RVI0O4jKDvDXS4sAqyvAi86cwjScaXL0JCdWHEOSskD6lAVTbdHLd_7GmDSE9fDeQ/s635/IMG_2276.png\" imageanchor\u003d\"1\" style\u003d\"margin-left: 1em; margin-right: 1em;\"\u003e\u003cimg border\u003d\"0\" data-original-height\u003d\"483\" data-original-width\u003d\"635\" height\u003d\"243\" src\u003d\"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjotUO71yyQpWHSMOrGKxoF-l6hc6YoJElkzG0mag1aJiPRPHBHdNEf4eIHgRImvbqOysWg-QS44V0dfflovdac15_pFb7iW6N80COwS25w0BoFWu-UI-F5XdKB7RVI0O4jKDvDXS4sAqyvAi86cwjScaXL0JCdWHEOSskD6lAVTbdHLd_7GmDSE9fDeQ/s320/IMG_2276.png\" width\u003d\"320\" /\u003e\u003c/a\u003e\u003c/div\u003e\u003cbr /\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003e\u003cb\u003eUnderstanding the App Router:\u003c/b\u003e\u003c/p\u003e\u003cp\u003eThe App Router is a key component of the SAP BTP CAPM project, serving as a reverse proxy and authentication middleware. Its primary role is to facilitate secure communication between applications, allowing them to exchange data seamlessly. By acting as a gatekeeper, the App Router ensures that only authorized requests are forwarded to the appropriate backend services.\u003c/p\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003e\u003cb\u003e\u003cu\u003eKey Features and Benefits:\u003c/u\u003e\u003c/b\u003e\u003c/p\u003e\u003cp\u003e1. \u003cb\u003eAuthentication and Authorization:\u003c/b\u003e The App Router provides robust authentication and authorization mechanisms, allowing users to securely access CAPM applications. It supports various authentication methods, such as OAuth, SAML, and JWT, ensuring a flexible and secure authentication process.\u003c/p\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003e2. \u003cb\u003eRouting and Load Balancing:\u003c/b\u003e With its routing capabilities, the App Router directs incoming requests to the appropriate backend services based on predefined rules. It also offers load balancing functionality, distributing traffic across multiple instances of the same application for improved performance and scalability.\u003c/p\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003e3. \u003cb\u003eSecurity and Protection\u003c/b\u003e: The App Router enhances application security by shielding backend services from direct exposure to the internet. It acts as a protective layer, inspecting and filtering incoming requests to mitigate potential security risks and vulnerabilities.\u003c/p\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003e4. \u003cb\u003eSingle Sign-On (SSO)\u003c/b\u003e: Leveraging the App Router's SSO capabilities, users can seamlessly access multiple applications within the SAP BTP CAPM project ecosystem. Once authenticated, users can navigate between different applications without the need for repeated login prompts.\u003c/p\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003e5. \u003cb\u003eCentralized Configuration\u003c/b\u003e: The App Router allows for centralized configuration management, simplifying the setup and maintenance process. It provides a unified approach to define routing rules, security policies, and authentication mechanisms, reducing complexity and ensuring consistency across applications.\u003c/p\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003e\u003cb\u003e\u003cu\u003eIntegration with SAP BTP CAPM Project:\u003c/u\u003e\u003c/b\u003e\u003c/p\u003e\u003cp\u003eThe App Router seamlessly integrates with other components of the SAP BTP CAPM project, such as the SAP Cloud Foundry environment and the CAPM runtime. It leverages the capabilities provided by these components to enable secure and efficient communication between applications.\u003c/p\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003e\u003cb\u003e\u003cu\u003eBest Practices and Considerations:\u003c/u\u003e\u003c/b\u003e\u003c/p\u003e\u003cp\u003eWhen working with the App Router in SAP BTP CAPM projects, it is essential to keep a few best practices in mind:\u003c/p\u003e\u003cp\u003e- Follow secure coding practices and configure appropriate security measures to protect against potential vulnerabilities.\u003c/p\u003e\u003cp\u003e- Implement proper routing rules and load balancing strategies to optimize application performance and scalability.\u003c/p\u003e\u003cp\u003e- Regularly update and maintain the App Router, ensuring that it stays up-to-date with the latest security patches and enhancements.\u003c/p\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003eIn the SAP BTP CAPM project, the App Router plays a crucial role in enabling secure communication between applications. With its robust authentication, routing, and security features, it provides a solid foundation for building scalable and resilient applications. By leveraging the capabilities of the App Router, developers can focus on delivering high-quality applications while ensuring seamless integration within the SAP BTP CAPM project ecosystem.\u003c/p\u003e"},"link":[{"rel":"replies","type":"application/atom+xml","href":"https://www.sapui5tutors.com/feeds/7264264376737924104/comments/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"https://www.sapui5tutors.com/2023/06/understanding-app-router-in-sap-btp.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"https://www.blogger.com/feeds/3826368468004556615/posts/default/7264264376737924104"},{"rel":"self","type":"application/atom+xml","href":"https://www.blogger.com/feeds/3826368468004556615/posts/default/7264264376737924104"},{"rel":"alternate","type":"text/html","href":"https://www.sapui5tutors.com/2023/06/understanding-app-router-in-sap-btp.html","title":"Understanding App Router in Sap BTP CAPM Environment"}],"author":[{"name":{"$t":"Sanjo Thomas"},"uri":{"$t":"https://www.blogger.com/profile/06687889588258406801"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"35","height":"35","src":"//www.blogger.com/img/blogger_logo_round_35.png"}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjotUO71yyQpWHSMOrGKxoF-l6hc6YoJElkzG0mag1aJiPRPHBHdNEf4eIHgRImvbqOysWg-QS44V0dfflovdac15_pFb7iW6N80COwS25w0BoFWu-UI-F5XdKB7RVI0O4jKDvDXS4sAqyvAi86cwjScaXL0JCdWHEOSskD6lAVTbdHLd_7GmDSE9fDeQ/s72-c/IMG_2276.png","height":"72","width":"72"},"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-3826368468004556615.post-5244709722061183367"},"published":{"$t":"2023-06-06T17:29:00.003-07:00"},"updated":{"$t":"2023-06-06T17:29:40.309-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"authentication"},{"scheme":"http://www.blogger.com/atom/ns#","term":"XS-UAA"},{"scheme":"http://www.blogger.com/atom/ns#","term":"jwt token"},{"scheme":"http://www.blogger.com/atom/ns#","term":"sap capm"},{"scheme":"http://www.blogger.com/atom/ns#","term":"mfa"},{"scheme":"http://www.blogger.com/atom/ns#","term":"token"}],"title":{"type":"text","$t":"Authentication in SAP CAP applications using XS-UAA"},"content":{"type":"html","$t":"\u003cdiv\u003eSAP Cloud Application Programming (CAP) provides a comprehensive framework for developing cloud-native applications. One of the key features of developing a cloud-native application is managing user authentication and authorization. To ensure that only authorized users can access the application, SAP CAP provides a built-in User Account and Authentication (XS-UAA) service, which is responsible for managing user authentication and authorization.\u003c/div\u003e\u003cdiv\u003e\u003cbr /\u003e\u003c/div\u003e\u003cdiv\u003eAuthentication in SAP CAP is managed using XS-UAA, which is responsible for verifying the identity of a user and issuing an access token.\u003c/div\u003e\u003cdiv class\u003d\"separator\" style\u003d\"clear: both; text-align: center;\"\u003e\u003ca href\u003d\"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgWBtkz7mBpiFM1MAOK__w02vfjPA0f5pS5huUjm2jGxvRXG7LGHMqCCIy8A-QLd7wgS_mDjx9j3KpYvljUSTYaRguKx43EHTyqan3xDTvDPZ0YMAMKKXe8z-XUwv1ekCjtk-ZNfgEBXbajsQsGrQUMbn2zzHKCC50ba-dISUQP1zEi1SVTaDtZho/s554/IMG_1875.jpeg\" imageanchor\u003d\"1\" style\u003d\"margin-left: 1em; margin-right: 1em;\"\u003e\u003cimg border\u003d\"0\" data-original-height\u003d\"554\" data-original-width\u003d\"554\" height\u003d\"200\" src\u003d\"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgWBtkz7mBpiFM1MAOK__w02vfjPA0f5pS5huUjm2jGxvRXG7LGHMqCCIy8A-QLd7wgS_mDjx9j3KpYvljUSTYaRguKx43EHTyqan3xDTvDPZ0YMAMKKXe8z-XUwv1ekCjtk-ZNfgEBXbajsQsGrQUMbn2zzHKCC50ba-dISUQP1zEi1SVTaDtZho/w200-h200/IMG_1875.jpeg\" width\u003d\"200\" /\u003e\u003c/a\u003e\u003c/div\u003e\u003cbr /\u003e\u003cdiv\u003e\u003cbr /\u003e\u003c/div\u003e\u003cdiv\u003eThe authentication flow begins when a user attempts to access a protected resource in the application. The application sends a request to the XS-UAA service to verify the user's identity. The user is prompted to enter their credentials, which are sent to the XS-UAA service for verification.\u003c/div\u003e\u003cdiv\u003e\u003cbr /\u003e\u003c/div\u003e\u003cdiv\u003eIf the user's credentials are valid, the XS-UAA service issues an access token to the application. The access token is a JSON Web Token (JWT), which contains information about the user and their authorization to access specific resources in the application.\u003c/div\u003e\u003cdiv\u003e\u003cbr /\u003e\u003c/div\u003e\u003cdiv\u003eThe application includes the access token in the header of all subsequent requests to the application. The access token is used by the application to verify that the user is authorized to access the requested resource.\u003c/div\u003e\u003cdiv\u003e\u003cbr /\u003e\u003c/div\u003e\u003cdiv\u003eThe XS-UAA service also provides support for managing refresh tokens, which can be used to obtain a new access token after the original token has expired. Refresh tokens are typically issued when the user logs in to the application, and can be used to obtain a new access token without requiring the user to log in again.\u003c/div\u003e\u003cdiv\u003e\u003cbr /\u003e\u003c/div\u003e\u003cdiv\u003eTo further enhance the security of SAP CAP applications, developers can use XS-UAA to implement multi-factor authentication (MFA) or other additional authentication mechanisms, such as smart card authentication or biometric authentication.\u003c/div\u003e\u003cdiv\u003e\u003cbr /\u003e\u003c/div\u003e\u003cdiv\u003eIn conclusion, XS-UAA is a powerful tool for managing user authentication and authorization in SAP CAP applications. By leveraging XS-UAA, developers can ensure that only authorized users can access the application and that sensitive information is protected. Additionally, by implementing additional authentication mechanisms, developers can further enhance the security of their applications and provide a secure, reliable experience for their users.\u003c/div\u003e"},"link":[{"rel":"replies","type":"application/atom+xml","href":"https://www.sapui5tutors.com/feeds/5244709722061183367/comments/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"https://www.sapui5tutors.com/2023/06/authentication-in-sap-cap-applications.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"https://www.blogger.com/feeds/3826368468004556615/posts/default/5244709722061183367"},{"rel":"self","type":"application/atom+xml","href":"https://www.blogger.com/feeds/3826368468004556615/posts/default/5244709722061183367"},{"rel":"alternate","type":"text/html","href":"https://www.sapui5tutors.com/2023/06/authentication-in-sap-cap-applications.html","title":"Authentication in SAP CAP applications using XS-UAA"}],"author":[{"name":{"$t":"Sanjo Thomas"},"uri":{"$t":"https://www.blogger.com/profile/06687889588258406801"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"35","height":"35","src":"//www.blogger.com/img/blogger_logo_round_35.png"}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgWBtkz7mBpiFM1MAOK__w02vfjPA0f5pS5huUjm2jGxvRXG7LGHMqCCIy8A-QLd7wgS_mDjx9j3KpYvljUSTYaRguKx43EHTyqan3xDTvDPZ0YMAMKKXe8z-XUwv1ekCjtk-ZNfgEBXbajsQsGrQUMbn2zzHKCC50ba-dISUQP1zEi1SVTaDtZho/s72-w200-c-h200/IMG_1875.jpeg","height":"72","width":"72"},"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-3826368468004556615.post-8522356537014634487"},"published":{"$t":"2023-06-06T17:08:00.003-07:00"},"updated":{"$t":"2023-07-17T07:03:34.431-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"authentication"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Security"},{"scheme":"http://www.blogger.com/atom/ns#","term":"xs security"},{"scheme":"http://www.blogger.com/atom/ns#","term":"capm"},{"scheme":"http://www.blogger.com/atom/ns#","term":"SAP CAP"},{"scheme":"http://www.blogger.com/atom/ns#","term":"saml"},{"scheme":"http://www.blogger.com/atom/ns#","term":"sap BTP CAPM"}],"title":{"type":"text","$t":"How does security and authentication works in SAP CAP based applications"},"content":{"type":"html","$t":"\u003cp\u003eSAP Cloud Application Programming (CAP) provides a comprehensive framework for developing cloud-native applications with a focus on security and authentication. As with any cloud application, security is a top priority and must be carefully considered and implemented to protect sensitive information and ensure that only authorized users can access the application.\u003c/p\u003e\u003cdiv class\u003d\"separator\" style\u003d\"clear: both; text-align: center;\"\u003e\u003ca href\u003d\"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEVSDitVrRYU9shs4vyNKSRsKtATPd_v4Ej2iHNVYLmWqfWLUj6cnzVCLa9ndoRfUCN5FS0P-SMoFQN46AkbNVEI29boi_ibJ7_VTIoaX1t8Ms-NPo6mn2axdHVkvDcPmz2yeSPSD1Qcig7qc8lZlNEY8wVxD65OItGCBxpxGvLSkca1SiwAwNP58/s554/IMG_1873.jpeg\" style\u003d\"margin-left: 1em; margin-right: 1em;\"\u003e\u003cimg border\u003d\"0\" data-original-height\u003d\"554\" data-original-width\u003d\"554\" height\u003d\"200\" src\u003d\"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEVSDitVrRYU9shs4vyNKSRsKtATPd_v4Ej2iHNVYLmWqfWLUj6cnzVCLa9ndoRfUCN5FS0P-SMoFQN46AkbNVEI29boi_ibJ7_VTIoaX1t8Ms-NPo6mn2axdHVkvDcPmz2yeSPSD1Qcig7qc8lZlNEY8wVxD65OItGCBxpxGvLSkca1SiwAwNP58/w200-h200/IMG_1873.jpeg\" width\u003d\"200\" /\u003e\u003c/a\u003e\u003c/div\u003e\u003cbr /\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003eAuthentication is the process of verifying the identity of a user or system, and SAP CAP provides several options for authentication, including OAuth 2.0, SAML, and OpenID Connect. OAuth 2.0 is a widely used standard for authentication and authorization, and is the recommended method for securing CAP applications. OAuth 2.0 provides a secure mechanism for users to authenticate with the application and obtain an access token, which can be used to access protected resources.\u003c/p\u003e\u003cp\u003eSAP CAP also provides support for role-based access control (RBAC), which allows administrators to define roles and permissions for users and groups, and restrict access to sensitive data or functionality based on those roles. This helps ensure that only authorized users can perform certain actions within the application..\u003c/p\u003e\u003cp\u003eAnother one of these is the XS-Security service, which provides a framework for authentication, authorization, and secure communication between components in a cloud environment. XS-Security is an SAP BTP service that can be used to secure SAP CAP applications.\u003c/p\u003e\u003cp\u003eAuthentication in SAP CAP is managed by the XS-UAA (User Account and Authentication) service, which is responsible for verifying the identity of a user. When a user logs in to an application, the XS-UAA service authenticates the user and issues an access token, which is used to access protected resources in the application.\u003c/p\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003eAuthorization is managed by the XS-Security service, which is responsible for enforcing access control policies. Access control policies can be defined using the XS-Security API, which allows administrators to specify which users or groups have access to specific resources in the application.\u003c/p\u003e\u003cp\u003e\u003cbr /\u003e\u003c/p\u003e\u003cp\u003eSecure communication between components in a cloud environment is managed by the XS-Security service. By default, all communication between components is encrypted using SSL/TLS. This ensures that sensitive data cannot be intercepted or modified during transmission.\u003c/p\u003e\u003cp\u003eXS-Security also provides a mechanism for managing certificates and keys, which are used to secure communication between components. XS-Security can be used to generate and manage certificates and keys, and to ensure that they are securely stored and distributed to the appropriate components.\u003c/p\u003e\u003cp\u003eHere’s a text-based flowchart describing how XSUAA (SAP Business Technology Platform) service handles authentication in SAP CAP (Cloud Application Programming Model) applications:\u003c/p\u003e\u003cp\u003e\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003e1.\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003eUser accesses the SAP CAP application.\u003c/p\u003e\u003cp\u003e\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003e2.\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003eThe application’s authentication middleware verifies if the user has a valid access token.\u003c/p\u003e\u003cp\u003e\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003e3.\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003eIf the user doesn’t have a valid access token, the middleware redirects the user to the XSUAA service for authentication.\u003c/p\u003e\u003cp\u003e\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003e4.\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003eThe user is presented with a login page to enter their credentials.\u003c/p\u003e\u003cp\u003e\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003e5.\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003eUpon successful authentication, XSUAA generates an access token for the user.\u003c/p\u003e\u003cp\u003e\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003e6.\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003eThe access token is returned to the SAP CAP application.\u003c/p\u003e\u003cp\u003e\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003e7.\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003eThe application’s authentication middleware validates the access token received from XSUAA.\u003c/p\u003e\u003cp\u003e\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003e8.\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003eIf the access token is valid, the user is granted access to the application’s protected resources.\u003c/p\u003e\u003cp\u003e\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003e9.\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003eThe application can make use of the user’s identity and authorization information provided by XSUAA for further authorization checks.\u003c/p\u003e\u003cp\u003e\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003e10.\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003eIf the access token is invalid or expired, the user is redirected back to XSUAA for reauthentication.\u003c/p\u003e\u003cp\u003e\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003e11.\u003cspan class\u003d\"Apple-tab-span\" style\u003d\"white-space: pre;\"\u003e\t\u003c/span\u003eThe process repeats until a valid access token is obtained or the user chooses to cancel the authentication process.\u003c/p\u003e\u003cp\u003eIn conclusion, XS-Security is a powerful tool for securing SAP CAP applications. By leveraging XS-Security, developers can ensure that their applications are protected from unauthorized access and data breaches, and that sensitive information is kept confidential.\u0026nbsp;\u003c/p\u003e\u003cp\u003eSAP CAP provides a comprehensive framework for developing secure cloud applications, with support for multiple authentication mechanisms, RBAC, data encryption, and secure coding practices. By following best practices and leveraging the built-in security features of SAP CAP, developers can ensure that their applications are secure and protected from unauthorized access and data breaches.\u003c/p\u003e"},"link":[{"rel":"replies","type":"application/atom+xml","href":"https://www.sapui5tutors.com/feeds/8522356537014634487/comments/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"https://www.sapui5tutors.com/2023/06/how-does-security-and-authentication.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"https://www.blogger.com/feeds/3826368468004556615/posts/default/8522356537014634487"},{"rel":"self","type":"application/atom+xml","href":"https://www.blogger.com/feeds/3826368468004556615/posts/default/8522356537014634487"},{"rel":"alternate","type":"text/html","href":"https://www.sapui5tutors.com/2023/06/how-does-security-and-authentication.html","title":"How does security and authentication works in SAP CAP based applications"}],"author":[{"name":{"$t":"Sanjo Thomas"},"uri":{"$t":"https://www.blogger.com/profile/06687889588258406801"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"35","height":"35","src":"//www.blogger.com/img/blogger_logo_round_35.png"}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEVSDitVrRYU9shs4vyNKSRsKtATPd_v4Ej2iHNVYLmWqfWLUj6cnzVCLa9ndoRfUCN5FS0P-SMoFQN46AkbNVEI29boi_ibJ7_VTIoaX1t8Ms-NPo6mn2axdHVkvDcPmz2yeSPSD1Qcig7qc8lZlNEY8wVxD65OItGCBxpxGvLSkca1SiwAwNP58/s72-w200-c-h200/IMG_1873.jpeg","height":"72","width":"72"},"thr$total":{"$t":"0"}}]}});