on 05-11-2022 10:08 AM
Hi Community,
i'm going to build a cap app which consumes apis from other systems and which consumes events from eventmesh.
This cap app also exposes services (OData) for monitoring, starting implemented scenarios, getting data from it and so on. I also tried to implement JWT-based oAuth2 Security.
To achive this all i:
After deployment i assigned the role to role-collection.
But here's the point where i'm not sure:
When i use another deployed service on btp, for example with postman, i get credentials such as clientId, clientSecret and a Token-Endpoint-URL to get an JWT-Token from a serivce key of a "service" (not an app) and with this token i can make the request i want to.
But how do i connect from postman to my cap-app and consume the OData-Services? I dont have a service key from where to get the clientid,clientsecret,tokenurl. And I additionally want use a real identified user to for getting access rights.
At the moment i do this with an additional approuter deployed as part of the mta.yaml. With browser i can login as a user and the approuter routes to the service (using oauth2). But how do i achive login with postman or other external consumers?
regards
Matthias
Look at the binding from the CAP app (service) to the xsuaa service. In there you will see the oauth credentials to use for a client-credentials flow.
Note that the client credentials flow essentially logs you on with a technical user - not a real user that may have roles assigned to them.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
65 | |
8 | |
7 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.