The application I'm currently developing uses SAP CAP with the MTXS Sidecar for Tenant Subscription Handling.
The subscription works. A unique URL is created that I can map to the application router. Also a new HDI Container is created by the service manager.
But on attempt to access the application, I get rerouted to the XSUUA Service with an error message.
The URL for the authentification is:
https://$TENANT-$ORGNAME.authentication.eu10.hana.ondemand.com/oauth/authorize
with $TENANT and $ORGNAME being placeholders for the tenant and organization name respectively.

My mta.yaml looks like so:
_schema-version: "3.1"
ID: example
version: 1.0.0
description: ""
parameters:
enable-parallel-deployments: true
appname: example
deploy_mode: html5-repo
build-parameters:
before-all:
- builder: custom
commands:
- npm install --production
- npm run build:cf
modules:
- name: example-srv
type: nodejs
path: gen/srv
parameters:
buildpack: nodejs_buildpack
disk-quota: 512M
memory: 256M
build-parameters:
builder: npm-ci
provides:
- name: srv-api # required by consumers of CAP services (e.g. approuter)
properties:
srv-url: ${default-url}
requires:
- name: example-auth
- name: example-db
- name: example-registry
- name: example-approuter
type: approuter.nodejs
path: router # from cds.env.folders. Consider also cds.env.build.target -> gen/app
properties:
TENANT_HOST_PATTERN: "^(.*)-${space}-${app-name}.${default-domain}"
parameters:
disk-quota: 256M
memory: 256M
routes:
- route: https://${default-host}.${default-domain}
requires:
- name: example-html5-repo-runtime
- name: example-auth
- name: srv-api
group: destinations
properties:
name: srv-api # must be used in xs-app.json as well
url: ~{srv-url}
forwardAuthToken: true
provides:
- name: app-api
properties:
app-protocol: ${protocol}
app-uri: ${default-uri}
build-parameters:
builder: custom
commands:
- npm install
- npm run build:ts
- name: example-app-content
type: com.sap.application.content
path: .
requires:
- name: example-html5-repo-host
parameters:
content-target: true
build-parameters:
build-result: app_resources
requires:
- artifacts:
- example.zip
name: example
target-path: app_resources/
- name: example
type: html5
path: app/example
build-parameters:
build-result: dist
builder: custom
commands:
- npm install
- npm run build:cf
supported-platforms: []
- name: example-mtx
type: nodejs
path: gen/mtx/sidecar
build-parameters:
builder: npm-ci
parameters:
memory: 256M
disk-quota: 512M
provides:
- name: mtx-api
properties:
mtx-url: ${default-url}
requires:
- name: app-api
properties:
SUBSCRIPTION_URL: ~{app-protocol}://\${tenant_subdomain}-~{app-uri}
- name: example-db
- name: example-auth
- name: example-registry
resources:
- name: example-auth
type: org.cloudfoundry.managed-service
parameters:
service: xsuaa
service-plan: application
path: ./xs-security.json
config:
xsappname: example
tenant-mode: shared
requires:
- name: app-api
- name: example-html5-repo-host
type: org.cloudfoundry.managed-service
parameters:
service: html5-apps-repo
service-plan: app-host
service-key: example-html5-repo-host-key
- name: example-html5-repo-runtime
type: org.cloudfoundry.managed-service
parameters:
service: html5-apps-repo
service-plan: app-runtime
service-name: html5-apps-repo-rt
- name: example-registry
type: org.cloudfoundry.managed-service
requires:
- name: mtx-api
parameters:
service: saas-registry
service-plan: application
config:
xsappname: example
appName: example
displayName: example
description: Example Substription Service
category: "Example Services"
appUrls:
getDependencies: ~{mtx-api/mtx-url}/-/cds/saas-provisioning/dependencies
onSubscription: ~{mtx-api/mtx-url}/-/cds/saas-provisioning/tenant/{tenantId}
onSubscriptionAsync: true
onUnSubscriptionAsync: true
onUpdateDependenciesAsync: true
callbackTimeoutMillis: 300000 # Increase if your deployments are taking longer than that
- name: example-db
type: org.cloudfoundry.managed-service
parameters:
service: service-manager
service-plan: containerMy application router:
{
"welcomeFile": "index.html",
"authenticationMethod": "route",
"logout": {
"logoutEndpoint": "/logout",
"logoutPage": "LOGOUT_PAGE_URL"
},
"routes": [
{
"source": "^/logout.html$",
"target": "example/logout.html",
"service": "html5-apps-repo-rt",
"authenticationType": "none"
},
{
"source": "^/index.html",
"target": "/userexample/index.html",
"service": "html5-apps-repo-rt",
"cacheControl": "no-cache, no-store, must-revalidate"
},
{
"source": "/v2/exampleservice/(.*)$",
"target": "/v2/exampleservice/$1",
"authenticationType": "xsuaa",
"destination": "srv-api",
"csrfProtection": true
},
{
"source": "^(/.*)",
"target": "/userexample/$1",
"authenticationType": "xsuaa",
"service": "html5-apps-repo-rt"
}
]
}I greatly appreciate any assistance in pinpointing possible sources of error.