The aim of this short article is to show how to hide the settings of a SAP Fiori Client app. Indeed, some customers might require stricter privacy for sensible data while customizing and building the SAP Fiori Client app. Such data can be prevented to be viewed by the app’s users just by modifying slightly the original code of the fioriclient.js. Note that a wide and full guide about how to set, build and run SAP Fiori Client has been already provided ( the files and related folder paths mentioned herein refer to as described in such guide.

The sensible data that is possible to hide in the settings menu (Figure 1) can be found in the appConfig.js file (C:\SAP\MobileSDK3\KapselSDK\apps\fiori_client\FioriClient\www).


Figure 1 – The settings menu available within the app

These are

  • SAP Fiori URL[1] (“fioriURL” in the appConfig.js file)
  • Proxy Through SMP[2] (whether “fioriURLIsSMP” is set to “true” in the appConfig.js file)
  • App ID[3] (“appID” in the appConfig.js file)

The file whose code has to be modified to hide the above parameters is fioriclient.js (C:\SAP\MobileSDK3\KapselSDK\plugins\fioriclient\www).

In order to hide SAP Fiori URL, the command


has to be commented. “urlPreference” is the variable in which the value associated to “fioriURL” is stored. Once the application has loaded the default values of the appConfig.js parameters at the app startup, such values are copied into AppPreferences, where they can be modified by the user. From that point on, any value in AppPreferences will override any value of the same key in appConfig.js. Therefore, by commenting this command, the value of fioriURL will not be loaded in AppPreferences and thus not displayed.


Similarly, if the command

            preferencesJSON[“preferences”].push(isSmpPreference , appIdPreference)


is commented, the values associated to “isSmpPreference” and “appIdPreference” – respectively “fioriURLIsSMP” and “appID” – will not be loaded in AppPreference, thus not displayed in the settings menu within the app.

To wrap-up, sensible data in the appConfig.js file can be kept private simply by commenting a couple of lines. With such change, the settings menu turns out to look like as in Figure 2.

Fig2.pngFigure 2 – The settings menu with appConfig.js parameters kept private and not displayed

I hope this short, simple article might turn out to be useful and save you some time. 🙂

Best regards,

Simone Palmisano

Comments below are reported just as in the appConfig.js file

[1] fioriURL = fioriURL – The full URL of the target application. If your application does not use SMP, it will navigate directly to this URL once logon is completed. If your app does use SMP, this URL is parsed and used in the following way:

*   1. The URL scheme (which must be http or https) determines the initial value of the ‘https’ flag in the registration dialog. Similarly, the host and port in the URL determine their corresponding initial values in the registration dialog, with port defaulting to 443 if it’s not specified.

*   2. The URL suffix (everything after the host and port) is appended to the URL that the user registers to. Though this is likely to be the same as the scheme, host and port from 1., the user has the opportunity to change these values. In contrast, the suffix can’t be changed.

[2] fioriURLIsSMP = Set this to true if you are using SMP. If set to true, the application will perform SMP registration.

[3] appID = The appID used to identify the application to the data vault. If you are using SMP, this should be consistent with the appID of the target application. Note that this value is distinct from the packageName, which is mainly used to identify your application in app stores.

To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply