Update from SAP DITA CMS (squashed):

commit 0a3f4cfbdf7ec1940953672708ed44792a3433f7 Author: REDACTED Date: Wed Aug 9 06:44:47 2023 +0200 Update from SAP DITA CMS ( 2023-08-09_06:44:46 ) Project: loioc2f780f61c744155b0bd42b6f38fb70c (jjq1673438782153.project) * Project map: loioc2f780f61c744155b0bd42b6f38fb70c (ece1671458061492.ditamap) * Output: loio2080d0faf9d84ce6aa14caa4caa32935 * Buildable map: loio0fcfe38e11674227bb0a8d014337319b (cbd1671459393582.ditamap) * Language: en-US commit 334f22a5a518258332a55b465a64e3959c2b79a2 Author: REDACTED Date: Mon Aug 7 19:10:58 2023 +0200 Update from SAP DITA CMS ( 2023-08-07_19:10:57 ) Project: loioc2f780f61c744155b0bd42b6f38fb70c (jjq1673438782153.project) * Project map: loioc2f780f61c744155b0bd42b6f38fb70c (ece1671458061492.ditamap) * Output: loio2080d0faf9d84ce6aa14caa4caa32935 * Buildable map: loio0fcfe38e11674227bb0a8d014337319b (cbd1671459393582.ditamap) * Language: en-US ################################################## [Remaining squash message was removed before commit...]
SAP-docs · Aug 9, 2023 · f2fd68d · f2fd68d
1 parent 4e1fb07
commit f2fd68d
Show file tree

Hide file tree

Showing 77 changed files with 2,558 additions and 1,803 deletions.
diff --git a/docs/10-concepts/abap-environment-11d6265.md b/docs/10-concepts/abap-environment-11d6265.md
@@ -4,7 +4,7 @@
 
 Within the Cloud Foundry environment, you can create a new space for ABAP development. This is what we refer to as the ABAP environment. It allows you to create extensions for ABAP-based products, such as SAP S/4HANA Cloud, and develop new cloud applications. You can transform existing ABAP-based custom code or extensions to the cloud.
 
-The ABAP environment is based on the latest ABAP platform cloud release that is also used for SAP S/4HANA Cloud. It leverages the innovations provided by SAP HANA. The software stack contains standard technology components that are familiar from the standalone Application Server ABAP. The ABAP environment supports the ABAP RESTful Application Programming Model including SAP Fiori and Core Data Services \(CDS\). SAP services and APIs are offered according to the new approach of released objects. The ABAP environment can be integrated with otherSAP BTP services, such as SAP Destination service, SAP Build Work Zone, standard edition, SAP Workflow Management, and SAP Interactive Forms by Adobe.
+The ABAP environment is based on the latest ABAP platform cloud release that is also used for SAP S/4HANA Cloud. It leverages the innovations provided by SAP HANA. The software stack contains standard technology components that are familiar from the standalone Application Server ABAP. The ABAP environment supports the ABAP RESTful Application Programming Model including SAP Fiori and Core Data Services \(CDS\). SAP services and APIs are offered according to the new approach of released objects. The ABAP environment can be integrated with other SAP BTP services, such as SAP Destination service, SAP Build Work Zone, standard edition, SAP Workflow Management, and SAP Interactive Forms by Adobe.
 
 For information about regional availability, see [Regions and API Endpoints for the ABAP Environment](regions-and-api-endpoints-for-the-abap-environment-879f373.md).
 
@@ -29,5 +29,3 @@ For information about regional availability, see [Regions and API Endpoints for
 
 [Tutorials](https://developers.sap.com/tutorial-navigator.html?tag=software-product%3Atechnology-platform%2Fsap-business-technology-platform%2Fsap-btp-abap-environment)
 
-[Video Tutorials](https://www.youtube.com/playlist?list=PLkzo92owKnVxWqJSoFLGe1VRkzOs4Ucdr)
-
diff --git a/docs/10-concepts/kyma-modules-0dda141.md b/docs/10-concepts/kyma-modules-0dda141.md
@@ -6,13 +6,11 @@ With Kyma's modular approach, you can install just the modules you need, instead
 
 
 
-You can choose to enable any modules as required. Learn how to enable a module under [Enable and Disable a Kyma Module](../50-administration-and-ops/enable-and-disable-a-kyma-module-1b548e9.md#loio1b548e9ad4744b978b8b595288b0cb5c).
+You can choose to enable any modules as required; see [Enable and Disable a Kyma Module](../50-administration-and-ops/enable-and-disable-a-kyma-module-1b548e9.md#loio1b548e9ad4744b978b8b595288b0cb5c). To find out which module version is running on your cluster, go to Kyma Dashboard.
 
-To find out which module version is running on your cluster, go to Kyma Dashboard.
-
-Step by step, all Kyma components are converted to modules that work independently from each other.
-
-> ### Caution:  
+> ### Remember:  
+> Step by step, all Kyma components are converted to modules that work independently from each other.
+> 
 > Table entries marked with “\*” are still components and will be modularized soon.
 
 

diff --git a/docs/10-concepts/what-is-the-consumption-based-commercial-model-7047eb4.md b/docs/10-concepts/what-is-the-consumption-based-commercial-model-7047eb4.md
@@ -60,7 +60,7 @@ If you want information about the **Pay-As-You-Go for SAP BTP for Partners** com
 </table>
 
 > ### Note:  
-> -   In global accounts that use the consumption-based commercial model, SAP BTP, Cloud Foundry Runtime is not listed in the *Entitlements* pages in the SAP BTP cockpit. A quota limit of 50 GB of Cloud Foundry Runtime memory is assigned by default to every subaccount.
+> -   In global accounts that use the consumption-based commercial model, SAP BTP, Cloud Foundry Runtime is not listed in the *Entitlements* pages in the SAP BTP cockpit. A quota limit of 200 GB of Cloud Foundry Runtime memory is assigned by default to every subaccount.
 > -   If you need to increase this limit, report an incident to [SAP support](https://support.sap.com) on the BC-NEO-CIS component. This also applies to other services that have a technical quota limit.
 
 > ### Tip:  

diff --git a/docs/30-development/application-overview-2c8f2bd.md b/docs/30-development/application-overview-2c8f2bd.md
@@ -6,7 +6,7 @@ Customer Data Browser is a self-service application that you can use to view dat
 
 The CDS views and database tables allowed for user access by SAP in the Customer Data Browser app are called Customer Data Browser objects.
 
-You can create Customer Data Browser objects using the ABAP Development Tools \(ADT\). For more information, see .
+You can create Customer Data Browser objects using the ABAP Development Tools \(ADT\). For more information, see [Working with Customer Data Browser Objects](https://help.sap.com/docs/btp/sap-abap-development-user-guide/working-with-customer-data-browser-objects?version=Cloud).
 
 
 

diff --git a/docs/30-development/best-practices-when-handling-access-tokens-8d39ef3.md b/docs/30-development/best-practices-when-handling-access-tokens-8d39ef3.md
@@ -0,0 +1,309 @@
+<!-- loio8d39ef36427f489aa50c8e4e12c336d0 -->
+
+# Best Practices When Handling Access Tokens
+
+Calls to SAP Authorization and Trust Management service can fail for many reasons, including network latency, connection errors, service downtime, idle connections closed by routing components and so on. The following sections provide recommendations on when to retry connections and the caching of tokens.
+
+How your application handles access tokens has an impact on its resiliency. Cache tokens to avoid running into the rate limiting restrictions of the SAP Authorization and Trust Management service. Retry with cached tokens instead of always getting a new one.
+
+
+
+<a name="loio8d39ef36427f489aa50c8e4e12c336d0__section_izc_qzn_fyb"/>
+
+## Retry Mechanism
+
+When your application or service tries to get a token and fails, retry the connection. A retry mechanism helps your application handle temporary issues. We recommend retrying token retrieval three times by default. The following table lists when to retry and how often.
+
+**Retry and Backoff for Different HTTP Responses**
+
+
+<table>
+<tr>
+<th valign="top">
+
+Event Type
+
+
+
+</th>
+<th valign="top">
+
+HTTP Status Code
+
+
+
+</th>
+<th valign="top">
+
+Retry
+
+
+
+</th>
+<th valign="top">
+
+Backoff Policy
+
+
+
+</th>
+</tr>
+<tr>
+<td valign="top">
+
+Connection error
+
+
+
+</td>
+<td valign="top">
+
+None
+
+
+
+</td>
+<td valign="top">
+
+Yes, retry up to three times.
+
+
+
+</td>
+<td valign="top" rowspan="2">
+
+Initial retry after 300 ms with a multiplier of 2.
+
+
+
+</td>
+</tr>
+<tr>
+<td valign="top">
+
+Timeout
+
+
+
+</td>
+<td valign="top">
+
+-   408: Request timeout
+
+-   502: Bad gateway
+
+    For example, request timeout from a Cloud Foundry Gorouter.
+
+-   504: Gateway timeout
+
+
+
+
+</td>
+<td valign="top">
+
+Yes, retry up to three times.
+
+
+
+</td>
+</tr>
+<tr>
+<td valign="top">
+
+Rate Limiting
+
+
+
+</td>
+<td valign="top">
+
+429: Too many requests
+
+
+
+</td>
+<td valign="top">
+
+Yes, retry up to three times.
+
+
+
+</td>
+<td valign="top">
+
+Base retry on the `Retry-After` header.
+
+
+
+</td>
+</tr>
+<tr>
+<td valign="top">
+
+Other Events
+
+
+
+</td>
+<td valign="top">
+
+-   500: Internal server error
+
+-   503: Service unavailable
+
+
+
+
+</td>
+<td valign="top">
+
+Yes, retry up to three times.
+
+
+
+</td>
+<td valign="top">
+
+Initial retry after 1000 ms with a multiplier of 3.
+
+
+
+</td>
+</tr>
+<tr>
+<td valign="top">
+
+Access Control
+
+
+
+</td>
+<td valign="top">
+
+-   401: Unauthorized
+
+-   403: Forbidden
+
+
+
+
+</td>
+<td valign="top">
+
+No, don't retry.
+
+
+
+</td>
+<td valign="top">
+
+None.
+
+
+
+</td>
+</tr>
+</table>
+
+
+
+<a name="loio8d39ef36427f489aa50c8e4e12c336d0__section_fzh_ccp_fyb"/>
+
+## Token Cache
+
+We recommend that you cache access tokens in your application as long as they're valid, instead of always getting a new token. If you constantly get a new token, you risk running up against the rate limits in the service and downtime for your application.
+
+For more information, see .[Rate Limiting](../60-security/rate-limiting-d203e2d.md)
+
+Having a local cache also improves the performance of your applications.
+
+Implement a method to remove invalid tokens from your cache. When your application calls with a token from your cache and receives the return codes in the following table, remove the token from your cache and request a new token.
+
+**Triggers for Removing Tokens from Your Cache**
+
+
+<table>
+<tr>
+<th valign="top">
+
+HTTP Status Code
+
+
+
+</th>
+<th valign="top">
+
+Potential Causes
+
+
+
+</th>
+<th valign="top">
+
+Application Response
+
+
+
+</th>
+</tr>
+<tr>
+<td valign="top">
+
+401: Unauthorized
+
+
+
+</td>
+<td valign="top">
+
+-   The signing key of the token was rotated.
+
+    For more information, see [Rotate Signing Keys of Access Tokens](../50-administration-and-ops/rotate-signing-keys-of-access-tokens-b279adf.md).
+
+-   Token expired and your application hasn't removed it from your cache yet.
+
+
+
+
+</td>
+<td valign="top" rowspan="2">
+
+Remove the token from the cache and request a new token.
+
+
+
+</td>
+</tr>
+<tr>
+<td valign="top">
+
+403: Forbidden
+
+
+
+</td>
+<td valign="top">
+
+Occurs if the token is valid but a scope is missing.
+
+> ### Note:  
+> Scopes of the client or user can have changed during the caching period.
+
+
+
+</td>
+</tr>
+</table>
+
+> ### Tip:  
+> SAP Authorization and Trust Management service ensures that key remain valid for 2 hours after key rotations. Exception: When subaccount administrators force a key rotation, the key is immediately invalid. We recommend that you configure your cache with a 2-hour time-to-live \(TTL\). If you use a longer TTL, your application must be able to invalidate cache entries when the service responds with 401. Have your application only retry once on failure.
+
+> ### Restriction:  
+> When administrators force key rotation, applications that use cached tokens must accept a downtime until their caches have been cleared.
+
+**Related Information**  
+
+
+[https://github.com/SAP/cloud-security-services-integration-library/tree/main/token-client\#cache-configuration](https://github.com/SAP/cloud-security-services-integration-library/tree/main/token-client#cache-configuration "cloud-security-services-integration-library on Github")
+