A way to prevent direct login and cross site calling handling and restrictions is to use a proxy.
A proxy is usually an alias that is local to the server the app was started on. The SAP Cloud Platform (SCP) calls it ‘destination’.
How does a destination work?
An SCP destination is an alias of a URL. This could be a
A request to the destination results in a request to the maintained URL.
A request to a path below that destination, results in a request of that path relative to the URL.
Hence an access to /pathC/myFile.ext below the destination, would result in a request to
respectively.
How to maintain a destination?
A destination can be maintained under Connectivity / Destinations.
Create the destination:
- Provide an name, like bydsystem, you want to use later to consume the destination.
- Provide the URL the destination should represent
- Decide how the login has to be handled. SCP offers multiple alternatives including username/password.
Save the destination. After a few seconds a Button Check Connection appears. You can use this to check, if the connection to the system is working. You are not authenticated in this moment, hence you credentials are not used. It is a technical check ('ping') to the system.
How to use a destination?
To consume the destination a route of type destination has to be configured.
A route is just a path on the server. Basically you tell the environment, what shall happen if you call that specific URL. A route can be fixed, like
/customers
or parameterized like
/costumer/0815/invoices
It usually triggers some specific page or function in the app. A destination route defines which destination, and therefore which target address is meant. Destination alias and route do not need to share anything in naming.
To configure the route, edit or create file neo-app.json in your app folder and add a routes array:
{
"welcomeFile": "index.html",
"routes": [
{
"path": "/destinations/my-system",
"target": {
"type": "destination",
"name": "bydsystem"
}
}
]
}
In the example a route /destinations/my-system has been created, that uses the destination with alias bydsystem. Your path could be different (anything in fact).
If your destination bydsystem is directed to
https://my123456.sapbydesign.com then a request to
/destinations/my-system/a-path/a-page.html
would trigger the use of destination bydsystem and result in an (authenticated as configured) request to
https://my123456.sapbydesign.com/a-path/a-page.html.