Skip to Content
avatar image
Former Member

Need help with creating multitenant application and design

Hi Experts,

I need your help with the following requirement:

I have 2 applications App1 and App2. Both apps are deployed on a provider account.

My end users get only App1 as a subscription. They do not get direct access to App2.

App1 uses a service of the App2 which is exposed as a rest API.

App2 is a simple web app that manages a DB table implemented with JPA and it's ui is build with UI5.

App2 has 2 roles Administrator and Developer. The response of the App2 service depends on a user role.

Only an administrator knows the direct URL to the App2.

All end users of the App1 are assigned to the Developer role. App1 calls App2 service via configured destination in the provider account.

My problem is that when an App1 user performs and action that triggers access to App2 he gets access denied 401.

It seems that when the request arrives to App2 service it does not recognizes that a user belongs to Developer role.

Do I need to configure / develop something to make the following design work ?

Regards,Slavik

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • Best Answer
    avatar image
    Former Member
    Apr 14, 2016 at 05:57 AM

    Hi Stanislav,

    Can you please clarify:

    1. What kind of destination are you using for the call from App1 to App2?

    2. Does this destination support Principal Propagation?

    3. Are the users defined in the Provider Account (and roles assigned there) or in the Subscriber Account?

    Regards, Vladimir

    Add comment
    10|10000 characters needed characters exceeded