on 02-14-2017 10:51 AM
We are using SAP HCI as our integration platform and have set up OAuth in the SAP HANA Cloud Platform Cockpit to enable external consumers to call our services. My question is: can we restrict a consumer to be able to use specific services?
I.e., currently a consumer with a valid access token potentially has access to any service on the HCI tenant; all HCI services will be sub-elements of the endpoint:
https://e9999-iflmap.hcisbt.eu1.hana.ondemand.com/cxf
We wish to restrict Consumer A to a service that has, for example, the endpoint:
https://9999-iflmap.hcisbt.eu1.hana.ondemand.com/cxf/Dosearch/
If we don't tell Consumer A what the other available endpoints are, then we can assume that they won't attempt to call them, but is this a risk from a malicious attempt to guess service endpoints?
Register Client
Created the OAuth Access Token (authorized by S-User)
HCI Overview
S-User Assigned to ESBMessaging.send Role