Retrieve logged user information from cloud foundry web application

Question

We developed a web application using SAP Web-IDE Full Stack; we need to retrieve the details of the user logged into application (as defined in SAP Cloud Platform Identity A

Answer 1

In SAP Cloud Foundry if you develop a MTA using XSUAA service to manage User Authentication and Admistration, defined for example in the mta.yaml,

...
resources:
  - name: uaa_myapp
  parameters:
    path: ./xs-security.json
    service-plan: application
    service: xsuaa
  type: org.cloudfoundry.managed-service
...

you can use the UAA API published from XSUAA service self to manage user authentication and authorization (e.g.: retrieve user info, groups assigned, password management etc..). also in the case the application is federated with another IDP.

To consume this API for example to retrieve user info you need to:

1. Determine the XSUAA endpoint bound to your app (SCP Cockpit > XSUAA service detail > take the value url)
2. Create a destination (xsuaa_api_destination) of type OAuth2TokenExchange bound to your app with url url took before, and fill OAuth2 authentication parameters with the data contained in XSUAA service detail (step 1).
3. From your app execute the call xsuaa_api_destination/userinfo, for example using an ajax if you are using JS.

You can find other info in Account and Authentication Service of the Cloud Foundry Environment SAP doc.