Show TOC

Setting Authorizations for CardsLocate this document in the navigation structure

By setting authorization on cards, you can ensure that the user only see cards or a preview of content from an application for which the user has access rights.

An overview page provides a wide overview to the end user in that they can look at and interact with business data in a specific domain. A user can perform key actions such as clicking on a particular card and navigating to another application. But what if the user does an intent-based navigation to another application and gets an error because they're not authorized to access that application?

To improve the user experience, you can use the (optional) property requireAppAuthorization during card configuration in the manifest.json file. In this property, you can enter an app and once entered, it will be checked against isIntentSupported to see if the user has the app within their role. If so, the card will then be displayed. The advantage here is that the intent could be set explicitly and only if it's required for this card, it will work for cards that don't have an intent within its annotation.

Also, isIntentSupported is standard functionality in the Cross Application Navigation Service.

Sample Code 
"sap.ovp":  {
	...
		"cards":  {
			...
			"card01": {
      		"model": "salesOrder",
      		"template": "sap.ovp.cards.stack",
      		"settings": {
        		"category": "Sales Orders",
        		"description": "Stack Card",
        		"requireAppAuthorization" : "#Action-toappnavsample",
        		 "entitySet": "SalesOrderSet"
					}
     			},
	...
}