
Authentication and Authorization

Mobile Development Kit Mobile Client

The Mobile Development Kit mobile client app authenticates with BTP mobile services using the OAuth2 support provided by the SAP BTP SDK for iOS and the SAP BTP SDK for Android. More information can be found here. A developer obtains the OAuth parameters for the Mobile Development Kit app (e.g. ClientId, AuthorizationEndpointUrl, TokenUrl and RedirectUrl) from the mobile services cockpit and configures the Application Connection Information in the BrandedSettings.json file under the .mdkproject directory.

To enable certificate-based authentication in your Mobile Development Kit client, please follow this tutorial.

Mobile Development Kit Web App

A Mobile Development Kit web runtime app runs in BTP as an HTML5 application. For a web runtime app running in BTP Neo, users authenticate with the IDP using SAML2. For a web runtime app running in BTP Cloud Foundry, users authenticate with the IDP using SAML2 as part of the OAuth2 authorization flow with UAA. To make an app publicly accessible, the developer can switch off authentication by setting the authenticationMethod to "none" in neo-app.json (Neo) or xs-app.json (Cloud Foundry).

User authorization of a web runtime app is not different from that of a generic HTML5 web app in BTP. Please refer to BTP authorization for details. Developers can configure the securityConstraints in neo-app.json and the scope in xs-app.json of their web runtime apps.
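A review check for the Cloud Foundry case, as an added example that is not part of the original page or of SAP's tooling: it reads an xs-app.json descriptor and reports where authentication is switched off or where an authenticated route requires no scope. The function name, the sample descriptors (trimmed to the fields the check reads) and the `Admin` scope name are constructed for illustration; neo-app.json is not covered.

```javascript
// Added example: audit an xs-app.json descriptor for public or unscoped routes.
function auditXsApp(descriptor) {
  const findings = [];
  // Top-level "none" switches authentication off for every route.
  const method = descriptor.authenticationMethod || "route";
  if (method === "none") {
    findings.push({ route: "*", issue: "authenticationMethod is none: app is public" });
    return findings; // per-route settings no longer matter
  }
  for (const route of descriptor.routes || []) {
    const name = route.source || "<no source>";
    // A route without authenticationType falls back to xsuaa.
    const type = route.authenticationType || "xsuaa";
    if (type === "none") {
      findings.push({ route: name, issue: "route is unauthenticated" });
      continue;
    }
    // scope may be a string, an array, or an object keyed by HTTP method.
    const scope = route.scope;
    const empty = scope === undefined || scope === null ||
      (typeof scope === "string" && scope.trim() === "") ||
      (Array.isArray(scope) && scope.length === 0) ||
      (typeof scope === "object" && !Array.isArray(scope) &&
        Object.keys(scope).length === 0);
    if (empty) {
      findings.push({ route: name, issue: "authenticated but no scope required" });
    }
  }
  return findings;
}

// Constructed sample: the "public app" setting described above.
const publicApp = {
  authenticationMethod: "none",
  routes: [{ source: "^(.*)$", target: "$1" }]
};

// Constructed sample: route-level authentication with mixed protection.
const restrictedApp = {
  authenticationMethod: "route",
  routes: [
    { source: "^/admin/(.*)$", target: "$1", authenticationType: "xsuaa",
      scope: "$XSAPPNAME.Admin" },           // hypothetical scope name
    { source: "^/health$", authenticationType: "none" },
    { source: "^(.*)$", target: "$1", authenticationType: "xsuaa" }
  ]
};

console.log(auditXsApp(publicApp));
console.log(auditXsApp(restrictedApp));
```

Run against the descriptor in a deployment pipeline, a non-empty result is a prompt to confirm that each public or unscoped route is intentional.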


Last update: October 23, 2023