From XSUAA to AMS: Architecting S4HANA CAP Extensions with Policy-Based Authorization

The blog is based on a practical vendor onboarding extension built with SAP CAP, Fiori Elements, standalone App Router, HANA, IAS and AMS.

The key focus is not just authentication — but how to model authorization using:

Stable CAP rolesAMS policiesCountry-based instance restrictionsFiori UI adaptation based on resolved authorization

This is a great way to understand the shift from XSUAA scope-based authorization to IAS + AMS policy-based authorization.

The blog is based on a practical vendor onboarding extension built with SAP CAP, Fiori Elements, standalone App Router, HANA, IAS and AMS.The key focus is not just authentication — but how to model authorization using:Stable CAP rolesAMS policiesCountry-based instance restrictionsFiori UI adaptation based on resolved authorizationThis is a great way to understand the shift from XSUAA scope-based authorization to IAS + AMS policy-based authorization. Read More Technology Blog Posts by SAP articles

#SAP

#SAPTechnologyblog

M	T	W	T	F	S	S
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Budget Bytes is about building apps for under $25, what’s the biggest myth about doing that?

Budget Bytes is about building apps for under $25, what’s the biggest myth about doing that?

Step Inside an AMD AAI Developer Event

Android Dev Zone Demos (Google I/O 2026)

From XSUAA to AMS: Architecting S4HANA CAP Extensions with Policy-Based Authorization

More From Author

Budget Bytes is about building apps for under $25, what’s the biggest myth about doing that?

Budget Bytes is about building apps for under $25, what’s the biggest myth about doing that?

Step Inside an AMD AAI Developer Event