HTML5 applications may be protected by permissions.
SAP Business Technology Platform, Neo environment will sunset on December 31, 2028, subject to terms of customer or partner contracts.
For more information, see SAP Note 3351844.
This documentation refers to SAP Business Technology Platform, Neo environment. If you are looking for documentation about other environments, see SAP Business Technology Platform
↗️ .
Permissions for an HTML5 application are defined in the application descriptor file. For more information about how to define permissions for an HTML5 application, see Authorization.
Permissions defined in the application descriptor are only effective for the active application version. To protect non-active application versions, the default permission NonActiveApplicationPermission is defined by the system for every HTML5 application.
To assign users to a permission of an HTML5 application, a role must be assigned to the corresponding permission. As a result, all users who are assigned to the role get the corresponding permission. Roles are not application-specific but can be reused across multiple HTML5 applications. For more information about creating roles and assigning roles to permissions, see Managing Roles and Permissions.
HTML5 application permissions can only protect the access to the REST service through the HTML5 application. If the REST service is otherwise accessible on the Internet or a corporate network, it must implement its own authentication and authorization concept..