Configure the Authentication

In this task, you learn how to configure the authentication settings for your launchpad.



  1. In the Cockpit, go to Administration and click Launchpad.

    Result: The table of existing launchpads open.

  2. Click on the launchpad you want to configure.

    Result: The settings of the launchpad open in the General tab.

  3. Click Edit.

  4. Go to the Authentication tab.

  5. In the Settings section, set the server URL. You can connect to your Neptune DXP using the SAP Mobile Platform or using the Neptune RESTful internet service.

    • To connect using the SAP Mobile Platform, specify the URL of your SMP server.

    • To connect using the Neptune RESTful internet service on an ABAP stack, provide the URL of the SAP ABAP Web Application Server where your Neptune DXP is installed. You can provide the name of the main Neptune internet service node or a sub-node.

  6. In the SAP-Client section, set the client number of the SAP system.

  7. In the SAP-Language section, you can set the default language of your SAP System.

  8. In the Login Page section, you can link a login page layout to your login page.

    You can create templates and layouts for login pages with Login Page.
  9. In the ICF Subnode section, you can choose to run your mobile client in a dedicated ICF subnode. Your subnode must be created in the /neptune/ ICF node.

  10. In the External Alias section, you can configure an external alias. An External Alias will allow you to create an additional entry node which you can map to the general /neptune/ ICF node.

    You can find additional information about external alias in the SAP documentation.
  11. In the CSRF Protection section, you can enable CSRF protection.

    When the launchpad is initially opened, a CSRF token is requested from the Neptune Server and stored inside a cookie. This token will be sent to the Neptune Server with an HTTP Header field in every ajax call triggered by your applications running inside Neptune Desktop Launchpad. If the token sent with the HTTP Header does not match the value stored inside the cookie, the server will reply with an error.
  12. In the Same Origin Protection section, you can disable same origin protection.

    The same-origin policy is a critical security mechanism that restricts how a document or script loaded from one origin can interact with a resource from another origin. It helps isolate potentially malicious documents, reducing possible attack vectors.
  13. In the Two Factor Authentication section, you can enable two-factor authentication.

    When you enable Two Factor Authentication, users must authenticate with an additional code. As a default the code is sent during the logon process. The default delivery is a 6-digit code sent to the user’s email specified in the user master record in SAP.
  14. Click Save.


  • You have configured the authentication settings for your launchpad.