we have configured an new default SAP IDP (xxx.accounts.hanaondemand.com) for our Cloud on NEO.
In SAP cloud we have JAVA app with role "approle".
In HANA XS we have a destination that is called from a job and shall run the java app.
The destination is configured for basic auth and a user from the sap IDP is given with password. The user has "approle" on cloud.
The destination is called from xs script. But anyway we call the service, we cannot get it working. It will work however with a s-user but not with the user from new default IDP.
We tried with specifying the idp in the service URL (?saml2idp=newIDP) and without, but nothing works for the user.
Either we get "unauthorized" or the destination will call the IDP login screen, which results in a "your browser does not support JAVA" error.
Please advise. Any hints welcome.