Need help with creating multitenant application and design
I need your help with the following requirement:
I have 2 applications, App1 and App2. Both apps are deployed on a provider account.
My end users get only App1 as a subscription. They do not get direct access to App2.
App1 uses a service of App2 which is exposed as a REST API.
App2 is a simple web app that manages a DB table implemented with JPA, and its UI is built with UI5.
App2 has 2 roles: Administrator and Developer. The response of the App2 service depends on a user role.
Only an administrator knows the direct URL to App2.
All end users of App1 are assigned to the Developer role. App1 calls the App2 service via a configured destination in the provider account.
My problem is that when an App1 user performs an action that triggers access to App2, he gets access denied 401.
It seems that when the request arrives at the App2 service, it does not recognize that a user belongs to the Developer role.
Do I need to configure / develop something to make the following design work?