cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP BTP SAPUI5 Application IP White-/Blacklisting

Go to solution
andreas_morf2
Explorer

on ‎11-29-2021 2:01 PM

0 Kudos

Hi there,

can anyone provide me with information about IP White-/Blacklisting in SAPUI5 applications running on the SAP BTP platform? Apart from the access mechanisms like e.g. SAML2.0 Access Protocol for login, how can you prevent e.g. someone from North Korea to even make a call to your application (by blocking an IP range)?

Thank you.

Regards,
Andreas

Show replies
Show replies
Answer
View Entire Topic
D_Olderdissen
Advisor
Advisor
‎12-17-2021 6:24 PM

Generally, you don`t. At least BTP does not provide you any means define your own IP allow and deny lists. Apart from the SAML2 authentication options e.g. via IAS. It kind of boils down to your use case.

If you are worried about export control and sanctions compliance, then that is some thing SAP is taking care of. See this statement: https://www.sap.com/about/agreements/export-statements.html

If you are worried out of security concerns, then maybe reconsider this IP filter thingy because is does not get you any additional security from attackers. Even script kiddies know how to handle attacks via a proxy or privacy VPN and would render your IP filter mute.

If you are trying to limit access to corporate users, then the SAML2 limitation seems fairly ok?

Show replies
Show replies
Ask a Question