Skip to Content
Technical Articles

How to get logged in user in SAP Cloud Platform (Cloud Foundry)

Github repository: (Branch: part2)



  • In this session, we will look at how to get the logged in user in SAP Cloud Platform (Cloud Foundry environment)



  • SAP Cloud Platform can be set up with any Identity Provider that supports SAML
  • When building SAPUI5 applications, we can require that users be authenticated against this Identity Provider
  • There may be many instances where you might want to display user specific messages on the home page (for example, some form of welcome message) – and for this you need to know the logged in user
  • In Cloud Foundry, the user authentication is handled by the approuter which performs all the complex OAuth flows



  • Unlike the Neo environment, there is no ready made userapi service provided by SAP Cloud Platform Cloud Foundry that provides the logged in user information
  • However, the Cloud Foundry provides us with the approuter that performs all the complex OAuth flows
  • We can add custom middleware functions that can query the request object and extract the user information inside of it
  • The user information itself is stored in a JWT Token that can be retrieved and decoded using a npm package (in our case, we are using jwt-decode)
  • Please note that we are not validating the JWT Token, but merely decoding it and getting the user information in the payload of the JWT Token
  • Check out for more information on JWT Tokens


YouTube link:



  • This video should give you a clear idea on how to get the logged in user in SAP Cloud Platform Cloud Foundry environment
  • You should also have a good handle on how middleware functions work and how the JWT Tokens are used in the OAuth flows
  • If you have any questions or comments, please list them below and I will be happy to answer


Previous post:


Next post:


Related post:


1 Comment
You must be Logged on to comment or reply to a post.
  • Hi Milton Chandradas,

    Can you provide any reference how do we fetch logged in user details in case of managed approuter.


    Kamalpreet Kaur