Authentication in Node.js SAP Cloud Foundry Applications


Dear SAPLearners, in this blog post we will learn about Authentication in Node.js SAP Cloud Foundry Applications

✋ Prerequisites

🔥 CF Login

Firstly, before creating any SAP Cloud Foundry applications we need to login locally from cf CLI. Run the following command in command prompt or terminal.

cf login

Enter API Endpoint, Email and Password of your SAP Cloud Foundry account.

After successful authentication you will see details like organisation, space etc.. like below.

📚 Step-by-Step Procedure

1. Create a new folder scp-node-tutorial and add xs-security.json file with below code:

"xsappname" : "nodeauthapp",
"tenant-mode" : "dedicated"

2. Create an UAA service instance with name mynodeuaa by using following cloud foundry CLI command

cf create-service xsuaa application mynodeuauu -c xs-security.json

💡 Authentication is SAP Cloud Foundry uses the User Account and Authentication service (UAA) and the application router to manage user logon and logoff requests.

3. The service instance is successfully created.🤗 🤗

4. After that, create a new file called manifest.yml in the folder and bound UAA service instance created above to the Node.js application. The code will be like below.

    - name: nodeauthapp
      host: nodeauthapp
      path: web
      memory: 128M
        - mynodeuaa

5. Subsequently, create 2 new folders web and resources and navigate to web folder and run following command.

npm init

6. This will create a new package.json file

7. Most importantly, to install XS Advanced security package and passport node package with following command.

npm install -–save @sap/approuter @sap/xssec passport

8. Create a new file start.js inside web folder and copy the below code.

const express = require('express');
const passport = require('passport');
const xsenv = require('@sap/xsenv');
const JWTStrategy = require('@sap/xssec').JWTStrategy;

const app = express();

const services = xsenv.getServices({ uaa:'mynodeuaa' });

passport.use(new JWTStrategy(services.uaa));

app.use(passport.authenticate('JWT', { session: false }));

app.get('/', function (req, res, next) {
  res.send('Application user: ' +;

const port = process.env.PORT || 3000;
app.listen(port, function () {
  console.log('myapp listening on port ' + port);

the above code will authenticate the request by checking JWT token in the request by using JWTStrategy provided by the @sap/xssec package.

9. Finally, we need to serve the static content, to do that navigate to resources folder and add index.html file which will be application start page. Sample code below

	<title>Node Js App with Authentication</title>
  <h1>Java Script Application with CF Authentication</h1>
  <h1>React App</h1>

10. Above all, create an empty xs-app.json file under the web folder, for now it will be empty in next tutorial we will leverage the file( so stay tuned…😀).

11. We are done with necessary coding part and application folder structure will look like below.

12. Deploy the Node.js application to cloud foundry. Run the following command in the main folder (where you have manifest.yml file…)

cf push

13. Deploying the application takes some time, during deployment you will the status in the terminal.

14. After the successful deployment you will see below screen.

15. You can find the URL of the Node.js application from the above image and open it in a web browser.

16. You will be asked to enter credentials. Enter the SAP Cloud Platform credentials and logon.

17. Wohoo!!! 🤩🤩🤩 after successfully authentication you will see application start page.


Congrats!!! you have successfully learned about Authentication in SAP Cloud Foundry Node.js Applications.

Please feel free to comment and let us know your feedback. Subscribe for more updates

If you liked it ❤️, please share it! Thanks! 🙏