Set up your HTTP client to use the authentication type.
The authentication information should be sent to SAP Mobile Platform for
all requests that require authentication. The credentials are based on the domain and
type of security configuration. Credentials should be provided in the header.
Rules for SAP Mobile Platform to determine the domain in the request:
- If the X-SUP-DOMAIN HTTP header is included in request, its value will be used
as SAP Mobile Platform domain. If the specified domain does not
exist, 404 error will be returned to the remote client.
- If X-SUP-DOMAIN HTTP header is not included in the request, and there is a
SAP Mobile Platform domain which is the name same as the
requested host name, the SAP Mobile Platform domain will be
used.
- If the request does not include the HTTP header, then default domain will
be used.
Rule for SAP Mobile Platform to determine the security configuration in the request:
- If the security configuration name is specified in the username in case of basic
authentication, it will be used for authentication and authorization.
- If the X-SUP-SC HTTP header is included in request, its value will be used as
security configuration. If the specified security configuration does not exist,
404 error will be returned to the remote client.
- If the security configuration is not assigned to a specific
SAP Mobile Platform domain, 403 error will be returned to
remote client.
- If the X-SUP-SC HTTP header is included in request, the default security
configuration of the determined SAP Mobile Platform domain will be
used for authentication and authorization.