
Securing HCI Using OAUTH at Service Level


We are using SAP HCI as our integration platform and have set up OAuth in the SAP HANA Cloud Platform Cockpit to enable external consumers to call our services. My question is: can we restrict a consumer to be able to use specific services?

I.e., currently a consumer with a valid access token potentially has access to any service on the HCI tenant; all HCI services will be sub-elements of the endpoint:

https://e9999-iflmap.hcisbt.eu1.hana.ondemand.com/cxf

We wish to restrict Consumer A to a service that has, for example, the endpoint:

https://9999-iflmap.hcisbt.eu1.hana.ondemand.com/cxf/Dosearch/

If we don't tell Consumer A what the other available endpoints are, then we can assume that they won't attempt to call them, but is this a risk from a malicious attempt to guess service endpoints?

Register Client

Created the OAuth Access Token (authorized by S-User)


HCI Overview

S-User Assigned to ESBMessaging.send Role
