SAP Sport Sponsorships Engine Security Webservices API - Overview

The SAP Sport Sponsorships Engine (SSE) and the applications built with it support security with various authentication and authorization facilities. This module offers REST services that can be used to log in and log out a subject, obtain a bearer token for a subject and manage security concerns. By default, the base URL for these services is "/security", so a full login URL, for example, could be See also here for more details on the permission concepts implemented.

For questions and support please get in touch through

Request Header Fields Description
defaultTenant Request will be executed under a specified default tenant. This will specifically affect created items.
Example: "defaultTenant:{valid UserGroup id}"
X-Client-Locale Sets a specified client locale for a request. The locale is required to be in IETF BCP 47 format. If no locale is given, the default is English("en")
Example: "X-Client-Locale:en"
X-SAPSSE-Forward-Request-To Specifies a target group for the request to be forwarded to. Valid values are "master" and "replica"
Example: "X-SAPSSE-Forward-Request-To:master"
Webservice URL Description
/security/api/restsecurity/create_user Create a user
/security/api/restsecurity/change_password Change a user's password
/security/api/restsecurity/forgot_password Trigger the process of password recovery
/security/api/restsecurity/user Read, update or delete a user
/security/api/restsecurity/get_roles_for_user Query the roles a user has been assigned
/security/api/restsecurity/add_role_to_user Adds a role to a user
/security/api/restsecurity/has_permission Check whether the subject has one or more permissions.
/security/api/restsecurity/users_with_permission Finds the usernames of those users who have the permission specified
/security/api/restsecurity/role Create, read, update or delete a role
/security/api/restsecurity/usergroup Read, update or delete a user group
/security/api/restsecurity/access_token Obtain a bearer access token
/security/api/restsecurity/hello Test that a subject is authenticated
/security/api/restsecurity/remove_access_token Remove an existing access token, rendering it invalid for authenticating to the server
/security/api/restsecurity/ownership Change Object ownership
/security/api/restsecurity/usergroups/setDefaultTenantForCurrentServerAndUser Allows to set a default tenant for the current user
/security/api/restsecurity/usergroups/addAnyUserToGroup Allows to add a user to a group without permissions on the user.
/security/api/restsecurity/usergroups/readable Lists all usergroups the current user or any user has readable permission for
/security/api/restsecurity/preferences/{SETTINGS_KEY} Stores a document into the preferences of a user
/security/api/restsecurity/preferences/{SETTINGS_KEY} Retrieves a document that was stored into the preferences of a user
/security/api/restsecurity/preferences/{SETTINGS_KEY} Removes a document from the preferences of a user