Let’s first understand “destination” terminology. A destination basically is a connection to your backend system (either on-premise or cloud)
For any app that is being built via SAP Cloud Platform Mobile Service, it’s a two fold process. First app must authenticate into SAP Cloud Platform and later to your backend data source.
Destination play a role in second part of authentication
When you create a new destination in SAP Cloud Platform Mobile Service for an application, you will see 3 different options
Now let’s understand when to choose which “destination”
- Here, you can provide destination URL depending on where your backend system reside.
- In case of connecting to on-premise system (you would need SAP Cloud Connector to connect to these systems), you should select Proxy Type as On-Premise (Cloud Connector) and URL should point to Virtual host
- In case of connecting to systems e.g. publicly accessible one like ES4, ES5, Northwind , you should select proxy type as Internet
- To understand , which SSO Mechanism could suit in your scenario, check out this blog post
Cloud Platform Destination:
- When you choose this option, you basically refer to an existing destination available in SAP Cloud Platform Cockpit. You don’t need to enter this destination manually in Mobile service cockpit.
Important Info: When you are creating a destination in Mobile Service for Development and Operations, the destinations with authentication PrincipalPropagation created on SCP Cockpit are not available to be selected. The PrincipalPropagation authentication is only supported in destinations with CloudConnectorVersion set to ‘2’ . Check SAP Note: 2628630
- With this kind of destination, you can create a custom Fiori Client applications. Here, you need to provide destination connecting to SAP Fiori server i.e. on-premise Fiori Front End server or SAP Fiori Cloud
- By default, in SAP CP Mobile service account cockpit, you will find a pre-added Fiori client destination connecting to Fiori Cloud Edition. default Fiori destination cant be edited or deleted)
- Depending on either selection of Fiori Destination Type as SAP Fiori Cloud or Front End Server, you will see respective configurations to proceed further.
- For SAP Fiori Cloud
- SSO Mechanism is Application-to-Application SSO
- Destination URL must be in HTTPS Format
- For Front End Server
- SSO Mechanisms are SAPAssertionSSO, Principal Propogation, Basic Authentication
- Destination URL must be in HTTP Format
- For SAP Fiori Cloud
I would recommend to follow this blog post for more details.
For More information on Single-Sign-On mechanisms , please read this blog post from my colleague.
Product Management, SAP Cloud Platform User Experience