Skip to Content
Jan 16, 2020 at 10:49 AM

Accessing SAP Leonardo IoT API-s with authorizations from third party apps



We are struggling with a situation where we need to provide an API to the Thing data (measurements, metadata, etc.) in our SAP Leonardo IOT to users of third party apps. We were able to provide access as described in (using the clientid and clientsecret).

As a next step we need to restrict the objects each user is allowed to access.

We have our user access rights set up within Leonardo IoT using authorization groups (each user is allowed to read only a subset of Things). Directly browsing the API (e.g. by browsing to https:// .iot-sap.cfapps. . and logging in when prompted) respects the access rights of the logged-in user as expected.

How can we make these same requests programmatically?