You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are trying to implement SAP BTP Multi-Region reference architectures for High Availability and Resiliency.
We have deployed nodeJS application (microservice) to Cloud Foundry in Canada (ca10) region. This application basically provides https REST endpoint. Consumer applications need to authenticate using OAuth 2.0 before they can use this application. We want to avoid any downtime to this application due to planned BTP downtimes (quarterly max 4 hrs) and even any unplanned downtimes. We want to implement multi-region architecture by deploying this nodeJS application in lets say Europe region- cloud foundry subaccount too in addition to canada region. We referred SAP's reference architecture and decided to use AWS Route53 for DNS failover load balancer.
However, we dont understand how consumer applications can access authenticate against nodeJS application using OAuth 2.0 since service keys for XSUAA application in both regions (subaccounts) will be different. Consumer applications will have to use 2 different OAuth 2.0 token endpoints. If they have cached token from Canada region, it wont work for Europe region. Also if they cannot fetch token from Canada region (if its down), , they will have to fetch token from Europe region using separate URL. We were recommended IAS, however the problem remains same as IAS is also subaccount specific service and will have planned downtimes. Can this problem be resolved?
The text was updated successfully, but these errors were encountered:
Hello @mahesh0431 : Is that your recommended reference architecture for enabling BTP multi region? IAS then becomes a mandatory component in this architecture which can synchronize a common set of credentials for the BTP Application/Service. Please clarify.
We are trying to implement SAP BTP Multi-Region reference architectures for High Availability and Resiliency.
We have deployed nodeJS application (microservice) to Cloud Foundry in Canada (ca10) region. This application basically provides https REST endpoint. Consumer applications need to authenticate using OAuth 2.0 before they can use this application. We want to avoid any downtime to this application due to planned BTP downtimes (quarterly max 4 hrs) and even any unplanned downtimes. We want to implement multi-region architecture by deploying this nodeJS application in lets say Europe region- cloud foundry subaccount too in addition to canada region. We referred SAP's reference architecture and decided to use AWS Route53 for DNS failover load balancer.
However, we dont understand how consumer applications can access authenticate against nodeJS application using OAuth 2.0 since service keys for XSUAA application in both regions (subaccounts) will be different. Consumer applications will have to use 2 different OAuth 2.0 token endpoints. If they have cached token from Canada region, it wont work for Europe region. Also if they cannot fetch token from Canada region (if its down), , they will have to fetch token from Europe region using separate URL. We were recommended IAS, however the problem remains same as IAS is also subaccount specific service and will have planned downtimes. Can this problem be resolved?
The text was updated successfully, but these errors were encountered: