cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP PI Rest Security

Go to solution
Sunslayer86
Explorer

on ‎06-13-2016 9:00 PM

0 Kudos

We are looking for a way to manage access control/authorization to Rest services based on user identity. Our organization offers various Rest services that run on SAP Process Integration (PI). Currently, all rest services calls have to be authenticated in SAP PI where PI users are already required that they send their credentials on every request. A user with a valid PI logon has access to any of the rest web services in PI. Managing access control is not possible in SAP PI Rest. Does anyone have any ideas of solutions to allow only specific users to access specific Rest services in PI?

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

bhavesh_kantilal
Active Contributor
‎06-14-2016 4:59 AM

Hello Chris,

In your Integrated Configuration, have you looked at the Assigned Users Tab? This is equivalent to the ACL concept where once you enter a list of Users here, only those users will be allowed access to the Interface.

Would this work?

Regards,

Bhavesh

Show replies
Show replies
Sunslayer86
Explorer
‎06-14-2016 5:18 PM
0 Kudos

We've already looked at ACL based authorization. Per SAP, ACL does not support REST adapters.

http://help.sap.com/saphelp_nw73/helpdata/en/e7/dfad6ca36342f2ba30d7fce5f3d816/content.htm

bhavesh_kantilal
Active Contributor
‎06-14-2016 5:22 PM
0 Kudos

My bad, thanks for pointing out..!

vadimklimov
Active Contributor
‎06-14-2016 5:46 PM
0 Kudos

Hi Chris, Bhavesh,

REST adapter didn't support ACLs at a time when it was introduced, but some time later ACLs support was added to it (starting from 7.31 SP17 / 7.4 SP13 / 7.5 SP01) - refer to SAP Note 2182880.

Regards,

Vadim

Answers (0)

Ask a Question