We are looking for a way to manage access control/authorization to Rest services based on user identity. Our organization offers various Rest services that run on SAP Process Integration (PI). Currently, all rest services calls have to be authenticated in SAP PI where PI users are already required that they send their credentials on every request. A user with a valid PI logon has access to any of the rest web services in PI. Managing access control is not possible in SAP PI Rest. Does anyone have any ideas of solutions to allow only specific users to access specific Rest services in PI?
↧