SAP Knowledge Base Article - Preview

3512808 - Access Restrictions for applications calling accounts.getJWT

Symptom

Client would like to restrict console application full API access when using access token:

An application in our landscape wants to make a server to server call to get the id_token by calling the accounts.getJWT API as they are not passing user credentials(password).
But for the application to be able to call this API, "Full API Access" seems to be needed in the permission group.
Since this gives access to other APIs as well,
1.Is there a way to limit the application access to only few required APIs?
2.Are there any other APIs which can return id_token but do not need Full API Access to be configured in CDC?


Read more...

Environment

SAP Customer Data Cloud

Product

SAP Customer Data Cloud all versions

Keywords

CDC, token, Customer Data Cloud, getJWT, console application , KBA , CEC-PRO-API , Core REST API & Server SDKs (JWT / PHP / Java) , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.