Symptom
Client would like to restrict console application full API access when using access token:
An application in our landscape wants to make a server to server call to get the id_token by calling the accounts.getJWT API as they are not passing user credentials(password).
But for the application to be able to call this API, "Full API Access" seems to be needed in the permission group.
Since this gives access to other APIs as well,
1.Is there a way to limit the application access to only few required APIs?
2.Are there any other APIs which can return id_token but do not need Full API Access to be configured in CDC?
Read more...
Environment
SAP Customer Data Cloud
Product
Keywords
CDC, token, Customer Data Cloud, getJWT, console application , KBA , CEC-PRO-API , Core REST API & Server SDKs (JWT / PHP / Java) , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.