Skip to Content
Author's profile photo Akshay Tigga

SAP HCP OData Provisioning – Configuring Security Options via Destination

HCPODP – Security


SAP HCP OData provisioning application (HCPODP a.k.a Gwaas – Gateway as a Service) is equipped with the security features in line with the requirements outlined by SAP security product standard. In order to meet the security requirements HCPODP leverages the standard security mechanisms available from HCP (Hana Cloud Platform)


The following security features are available in HCPODP :

  • FORM based authentication for protecting HCIODP application
    • GW_Admin and GW_User role for accessing HCIODP cockpit
    • GW_User role for accessing OData endpoints (/odata/*url pattern)(This includes Repository Service,Catalog Service, Error Log Service and Business Odata Service)
    • By default HCP supports AppToAppSSO for FORM based authentication and so does HCIODP
    • BY default HCP supports browser based SSO via SAML 2.0  Assertion.(Every HCP account is by default configured with SAML based SAP Idp so default protocol is over SAML 2.0 token)
  • Protection against CSRF(Cross Site Request Forgery) attacks.
    • All odata endpoints available from HCIODP application are protected against CSRF
  • Security features available from odata consumption perspective
    • HCIODP makes available two types of odata endpoints for outside consumption
      • Business OData Endpoints for backend connectivity/data
      • CATALOGSERVICE for service exploration by consumption tools
  • Channels of outside consumption
    • Direct endpoint consumption via Rest Client (Browser Plugin)
    • Direct endpoint Access via Browser
    • Direct endpoint Consumption by Tools like SAP Web IDE
    • SAP UI5 / Java based Application deployed in SAP HCP (Hana Cloud  Platform)

Consumption Support Feature Matrix


Assigned Tags

      1 Comment
      You must be Logged on to comment or reply to a post.
      Author's profile photo Colin Kraczkowsky
      Colin Kraczkowsky

      Hi Akshay,
      Thank you for the information, however I'm unable to  see the matrix at the bottom - how was it embedded?