Authentication and Authorization¶
Mobile Development Kit Mobile Client¶
The Mobile Development Kit mobile client app authenticates with BTP mobile services using the OAuth2 provided by SAP BTP SDK for iOS and SAP BTP SDK for Android. More information can be found here. A developer obtains the OAuth parameters for the Mobile Development Kit app, e.g.
RedirectUrl, from mobile services cockpit and configures the Application Connection Information in the
BrandedSettings.json under the
Mobile Development Kit Web App¶
A Mobile Development Kit web runtime app runs in BTP as an HTML5 application. For a web runtime app running in BTP Neo, users authenticate with the IDP using SAML2. For a web runtime app running in BTP Cloud Foundry, users authenticate with the IDP using SAML2 as part of the OAuth2 authorization flow with UAA. To make an app publicly accessible, the developer can switch off the authentication by setting the
authenticationMethod to "none" in the
xs-app.json for Neo and Cloud Foundry respectively.
User authorization of a web runtime app is not different from that of a generic HTML5 web app in BTP. Please refer to BTP authorization for details. Developers can configure the
neo-app.json and the scope in
xs-app.json of their web runtime apps.