Skip to Content
Technical Articles

Configuring Roles – SAP Fiori Launchpad Cloudfoundry

Hi All,

Today, I would like to show how to configure the roles in Fiori launchpad Cloud foundry. In detail,

We can control the apps that will be displayed in the launchpad, based on the authorization check.

 

For instance, there are two apps in the  FIORI launchpad.

We have two roles in the Application.

1. USER

2. ADMIN.

Fiori Launchpad should show strictly user-related apps if USER Login to the Application.

How to achieve the above scenario?.

Please follow the steps to do that.

Step1: Declare the scopes in xs-app.json

 

 

Step 2: Declare the Same scopes in xs-security.json in below formate.

 

Step 3. Create Roles in xs-security.json inside role-templates sections.

Please note that created roles will display in the Role Collection under your cloud account.

 

 

Step 4:  Configure Authorization in the manifest.json in your HTML5 Module.

 

Add below code in the manifest.json: $XSAPPNAME.user was defined in scopes early in step 2

 

Step 5: Just repeat the above step for another app which is for Admin.

 

Step 6: Build and Deploy in your cloud foundry account

 

Step 7: Create Two Roles in Role Collection under the Security section

 

 

Step 8:  Click on POC_Open_user Role and add Role Templates which you have created already in xs-security.json Please refer Step-3

 

 

Select the user role from the template section.

 

Step 9: Assign roles to the account Id in Trust Configurations.

 

 

Step 10: Please open your launchpad approuter URL. You can only see the USER related apps.

Fiori Launchpad Before applying Roles & Authorization

Fiori Launchpad After applying  Roles & Authorization ( Assigned User role )

 

Conclusion: We can filter the apps in the Fiori launchpad Cloud Foundry based on the Roles.

I hope this blog post helps you during your development.

 

Thanks & Regards

Charan

15 Comments
You must be Logged on to comment or reply to a post.
  • Great post, thanks for sharing ☺️ One question, is there a possibility to show all assigned users with the associated roles in the ID Service?

    Cheers, Markus

    • Hi Markus,

      Its not possible . You have to search with their Email Ids in Trust SAP ID service. There you can see their roles ( You should have Administrators rights )

      Thanks

      Charan

  • Great article Lot’s of information to Read…Great work Keep Posting and update to People. Thanks, Now I would like to share some information about resolving hp printer in error state issue. if you are unable to print an important document you can get help here.

  • Thanks, this is very helpful information.

    Out of curiosity: How did you find out about the “sap.platform.cf” entry in the manifest.json? Is it described in some “official” documentation?

  • Hi Charanraj,

    thank you for the info, I have one requirement where I need to pass more than one Scope-  “sap.platform.cf” . For example

    “sap.platform.cf”: {
    “oAuthScopes”: [
    “$XSAPPNAME.ReadLog”,”$XSAPPNAME.WriteLog”
    ]
    }
    Is this possible ? I tried but seems like the above configuration is not working, it does not support 2 different scopes to be passed via the sap.platform.cf
    Your help is highly appreciated
    regards
    Abdul
    • Hi Abdul Musavir,

      It’s possible. we have implemented successfully in our project.

       

       

      Please check xs security.json file and Roles Template properly.

      Thanks

      Charan

       

      /
  • We have following requirement:

    same fiori app : javascript.app1, but we configured two tiles with following

    {
    “id”: “app1”,
    “appId”: “com.sap.test.app1”,
    “vizId”: “app1-Manage”
    }, {
    “id”: “app1”,
    “appId”: “com.sap.test.app1”,
    “vizId”: “app1-Others”
    },

    Now how can we configure two different oAuthScopes (app1Manage, app1Others) for  same project javascript.app1.

    Now in Launchpad:

    For oAuthScope app1Manage we need to show first tile.

    For OAuthScope app1Others we need to show second tile.

     

    Regards,

    Rama