Technical Articles
SAP Launchpad service: Integrate apps from the ABAP Environment
In this blog I’ll demonstrate how to configure an integration between the SAP Launchpad service and a Fiori application deployed in the the ABAP environment. Below is the setup with both the ABAP environment and the Launchpad service sitting in the same subaccount. The steps shown will also work across separate subaccounts.
Here is the application when opened directly in the ABAP environment. Notice the URL, pointing to <ABAP environment ID>.abap-web.<Data Center>.hana.ondemand.com. By the way, this application is from the excellent developer tutorial, Develop an SAP Fiori App Using ABAP, which can be implemented on any ABAP system with the flight demo activated.
Fiori Elements application in ABAP environment
1. Create a destination to the ABAP environment.
Destination to ABAP Environment
Go to the subaccount cockpit and create a new HTTP destination pointing to the ABAP environment:
URL: https://<ABAP environment ID>.abap-web.<Data Center>.hana.ondemand.com
Proxy Type: Internet
Authentication: No Authentication
Additional Properties
sap-client: 100
sap-platform: ABAP
To create a tile with dynamic information, aka. dynamic app launcher, a second destination with the authentication type OAuth2UserTokenExchange needs to be configured. See the documentation for details on how to configure this destination.
2. Configure clickjacking protection in the ABAP environment.
For security, the ABAP environment will only allow the integration with specific hosts which are entered into an allow-list. This means the hostname for the launchpad service needs to be added there.
Open the ABAP environment dashboard, go to security and open the app Maintain Protection Whitelists.
ABAP Environment Security apps
Add Trusted Hosts in the Clickjacking Protection
Open the tab Clickjacking Protection and click on + sign and add host name for the launchpad service.
Trusted Host Name: <Subaccount Subdomain>.launchpad.<Data Center>.hana.ondemand.com
Schema: HTTPS
Port: 443
3. Configure app, catalog, group and role in launchpad service
Now the app can be added to the launchpad service. Create a new application in the launchpad Site Manager.
System:
App UI Technology:
SAPUI5 Component Name:
App Configuration
The sapui5 component name of the app can be found by opening the developer tools in the browser and inspecting the index.html of the app. Check under modules, the component name is in front of the Component.js
index.html
Afterwards, create a group, catalog and role and assign the app to it.
4. Add the role to the site and assign it to user(s)
Now go to the site, click edit and add the newly created role.
Then switch to the SAP BTP cockpit and add user(s) to the new role collection.
Role Collections
5. Test the app integration
Open the launchpad site and check that the Travel app shows up as a new tile.
Launchpad travel tile
Open it and the app will now launch within the Launchpad service .
Fiori Elements App from ABAP environment Launchpad service
Reference: Manual App Integration in help.sap.com
Hi Arne ,
In step 2, I am trying to add in 'Protection Whitelist' the correct URL but I am getting the error of -->
This is the subaccount subdomain and after concatenating it with " " ".launchpad.eu10.hana.ondemand.com", it exceeds the limit of the string allowed in Host Name .
Waiting to hear from you !
Thnx Arnold
Hi Arnold,
unfortunately that 64 character limit in the ABAP allow-list is a hard limit. Maybe Karl Kessler can comment on this in more detail.
I'd recommend to create a new subaccount with a more pithy subdomain with <30 chars for the launchpad service.
Regards,
Arne
hi Arnold,
As mentioned at https://help.sap.com/docs/BTP/10fd1742ea914256abedb34bf15bd069/3d1ea8b1a0e145bb851d36d0da376e17.html?locale=en-US, you can put * at the beginning of the URL, for eg: "*.cfapps.<region>.hana.ondemand.com"
Regards,
Binson
Hi Arne,
I followed your steps to integrate my Fiori application into the launchpad. The only difference is the Launchpad Service is provided by a different subaccount than the ABAP environment, but both are within the same global account.
When I klick the app from the new tile, the app starts properly at first. But since it shows a "no parking" sign, I can't press any button, e.g. "Go".
I created another tile which starts the app directly by URL, this one works well.
Do you have any idea what's wrong?
Kind regards
Michael
Hi Michael,
Looks like you have not completed the Clickjacking configuration using "Maintain Protection Allowlists", as documented at https://help.sap.com/docs/BTP/10fd1742ea914256abedb34bf15bd069/3d1ea8b1a0e145bb851d36d0da376e17.html?locale=en-US
Regards,
Binson
Hi Arne,
For point 2: Open the ABAP environment dashboard, go to security and open the app Maintain Protection Whitelists.
In dashboard I cannot see app Maintain Protection Whitelists. Can you please guide
PS: I am using BTP trial account and created instance for ABAP environment in shared mode.
Hi Karan,
Please check whether you have "SAP_BR_ADMINISTRATOR" role or a custom role with business catalog "SAP_CORE_BC_SEC" is assigned to your user in the ABAP environment.
Regards,
Binson