Jan 12, 2023 at 04:12 PM

CF: Local service calls to an app in SAP BTP using AzureAD as IdP

Last edit Jan 12, 2023 at 09:41 AM

My scenario is the same one that is described in this post: https://blogs.sap.com/2019/03/07/how-to-integrate-azure-ad-with-sap-cloud-platform-cloud-foundry/

  1. I deploy an app in SAP (CF) BTP. The app simply performs a basic task that generates a report when it receives a request.
  2. I use AzureAD as the IdP. I also disable SAP IAS.
  3. Then I create an app router URL for the app in SAP BTP.
  4. On my local system, I have a web app that sends a request to the app in SAP BTP. When it executes, users are redirected to the Microsoft Login page to authenticate with their username and password. If the authentication is successful, they can receive the report that is returned from the app in SAP BTP. Everything works properly at this step!
  5. Now, I have another Java app (service, non-GUI). This service will be scheduled to send a request to the app in SAP BTP. The question in this scenario is how it can authenticate with Azure AD, as it is a service and cannot display the MS Login form for users to enter their credentials.

Is there a solution by which the service can authenticate with AzureAD in this scenario? I am looking for OpenID Connect, instead of using SAML. But when setting up the SAP Cloud Platform enterprise app on Azure AD, it seems to support SAML only.