The Foundation Component

The Foundation component includes modules for integrating your application with SAP Cloud Platform Mobile Services features.


The Authentication module provides the following authentication methods:

  • Basic Auth: Collects user name and password credentials and submits them using a standard method when making a request.
  • OAuth2: Provides OAuth2 authentication support as defined in the OAuth 2.0 specification. Enables authentication of users using authorization grant and client credentials flows.
  • SAML: Provides SAML authentication supported as defined in SAML authentication
  • Certificate: Provides certificate-based authentication support.
  • One Time Password (OTP): Provides support for authenticaiton using a password that is valid only for one login session or transaction.
  • No Auth: No authentication.

When you configure a mobile service application with an authentication method, any access to the back end that uses REST API requires either a authenticated session context or valid authentication headers for authentication.

Back-End Connectivity

Much of the functionality of the Foundation APIs is closely related to the network communication to the back-end servers. The APIs make it easier for developers to write applications that interact with servers, however, the APIs rely on the okHttp library for network communication. To provide more flexibility to developers who are using the library, the class and method designs are open and can directly accept okHttp client objects.

Foundation uses com.squareup.okhttp3 for OkHttp.


The cache component provides temporary storage that can maintain a single copy of items that would be expensive to create or load using, for example, remote network calls. A cache is a key/value store that has a maximum storage capacity specified by the user and exposes methods to support CRUD operations. Because the cache has limited storage capacity, you can't add a new item to a full cache without first removing another item. The cache implementation and cache replacement policy specifies which item to remove.

Client Usage

The client usage component collects, stores, and uploads client usage events to the SAP Cloud Platform. The platform analyzes this data for usage patterns including amount of time the app is in use, which screens are accessed, which actions are taken by the app user, and so on.

Configuration Provider

The configuration provider component provides an onboarding mechanism for an application by facilitating the retrieval of the initial configuration data. For example, a configuration provider can retrieve the parameters, such as server URL and port number, that are required to connect to a back-end service.

Encryption Utility

The encryption utility provides a protected storage for users to store and access the encryption keys that are associated with an alias. They can then use these keys can then be used to access the Secure Store classes.


SAP Cloud Platform Mobile Services provide a client log upload service that can be used to upload debug and trace logs from the mobile application that administrators can then review. This feature can be useful for supporting mobile applications in the field.

Logging can also be very helpful during the application development phase. Your application also can use the logging modules to log messages.

The logging classes in the SDK make it easier to collect logs in the client and upload them to the SAP Cloud Platform. All the modules in the SDK use the logging component for logging.

Push Notifications

Push notification client classes help your mobile applications interface with SAP Cloud Platform Mobile Services push capabilities. The mobile application obtains a push token from the Firebase Cloud Messaging infrastructure and registers with the mobile services push service. Once the push token is registered, the mobile services administration infrastructure can send notifications to devices.

Secure Store

The secure store module provides transparent 256-bit AES encryption of the data that is stored in a SQLite database.

The secure store package includes the following modules:

  • SecureDatabaseStore: represents a single SQLite database and is used for executing SQL statements
  • SecureDatabaseResultSet- represents the results of executing a query on a SecureDatabaseStore
  • SecureKeyValueStore- represents a key-value store and stores data in a non-relational way
  • SecurePreferenceDataStore- A PreferenceDataStore implementation that can be used to replace the default Android SharedPreferences and provide an extra layer of application data protection


The storage service module provides for data management at the application, user, and device level.

By default, the mobile service settingsExchange provides data. Additionally, mobile application developers can create their own data to be stored and retrieved using the Storage APIs. The Settings module provide methods for storing, reading, and deleting the storage service data.

The Settings module allows a mobile application to read and modify the application-related settings that are available in SAP Cloud Platform Mobile Services. Some settings can be modified using the storage APIs from the app to update a setting at the user level (thus available on all user's devices) or at the device level.

User Information

The UserRoles API allows your app to retrieve the user's name, ID, and roles.