Defining Application Authentication

Assign a security profile to the selected application. The security profile defines parameters that control how the server authenticates the user during onboarding, and request-response interactions with the back end.


In a production environment, configure security profiles for application authentication. In a development or test environment, you can use a security profile such as Default.


Security profiles are made up of one or more authentication providers. These authentication providers can be shared across multiple security profiles, and can be modified in Management Cockpit. For more information about authentication providers, see Authentication in SAP Mobile Platform.

You can stack multiple providers to take advantage of features in the order you chose; the Control Flag must be set for each enabled security provider in the stack.


  1. In Management Cockpit, select Applications.
  2. For an application, select Start of the navigation path  Next navigation step Configure Next navigation step Authentication End of the navigation path.
  3. Select a Security Profile Name, or select Create New, and enter a name for the new profile.

    The authentication providers that are associated with the security profile appear under Authentication Providers.

  4. (Optional) For token-based authentication, enable Check Impersonation to prevent authentication when the user name presented cannot be matched against any of the user names validated in the login modules.
  5. (Optional) To add an authentication provider to the security profile, click the Add icon , and in the Add Authentication Provider dialog:
    1. Select an Authentication Provider from the list.
    2. Select the Control Flag.
    3. Enter an optional description for the provider.
    4. To validate the settings, click Test Settings.
    5. Click Save.