Skip to Content
0
Aug 17, 2023 at 12:54 PM

SAPUI5 & SAP CAP with Consume External Services - User management

189 Views

Dear Community,

We have an application where the front-end is a SAPUI5 Freestyle application, with a standalone Approuter and a CAP service, consuming external service: SuccessFactors OData v2 API. Authentication flow: User logs in through idP, we decode the JWT token and using the custom attributes coming from IAS, through the application, like in $filter querys. We know the downside of storing these values on the backend in variables, which might get overwritten by an another user.

Now we have the requirements, some users needs to see only their data. But in some cases the application loads another user's data, using the application parallelly. We do not use any database instance to read data / perform any selection, we only have the connection to the external service.

Could you please advise, how to differentiate users and send back right data only for the right user?

Thank you in advance,

Gergő