I created XSUAA instance for my app and bind it using cds bind for testing purpose. I've set user roles and everything including xs-security in app folder, when I run both app router and app instance (cds watch --profile hybrid) everything is fine and I can't access my odata service because it unauthorized(401). It should work when I access it through app router but it return error
Completed with status 500 Error while retrieving destination srv-api from destination service.
Bellow is my xs-security.json in app
{ "authenticationMethod": "route", "logout": { "logoutEndpoint": "/app-logout", "logoutPage": "/" }, "routes": [ { "source": "/catalog/(.*)", "destination": "srv-api", "csrfProtection": true, "authenticationType": "xsuaa" }, { "source": "^/user-api(.*)", "target": "$1", "service": "sap-approuter-userapi" }, { "source": "/(.*)", "localDir": ".", "authenticationType": "xsuaa" } ]}
Hope some of you know how to solve this, thanks.