Stats
Actions
Tags
From sap-btp-connectivity
Guides SAP BTP connectivity setup: destinations (HTTP, RFC, LDAP, TCP), Cloud Connector for on-premise access, Kubernetes/Kyma proxies, OAuth/principal propagation, multitenancy, and troubleshooting errors (405, 407, 503).
How this skill is triggered — by the user, by Claude, or both
Slash command
/sap-btp-connectivity:sap-btp-connectivityThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
- **sap-btp-cloud-platform**: Use for platform fundamentals, BTP account setup, and integration patterns
README.mdreferences/advanced-configuration.mdreferences/authentication-types.mdreferences/cloud-connector.mdreferences/connectivity-alternatives-and-config.mdreferences/destination-service-api.mdreferences/http-destinations.mdreferences/identity-propagation-scenarios.mdreferences/java-sdk-development.mdreferences/kubernetes-connectivity.mdreferences/mail-protocols.mdreferences/mail-tcp-ldap-destinations.mdreferences/operational-guides.mdreferences/rfc-destinations.mdreferences/troubleshooting.mdtemplates/connectivity-proxy-values.yamltemplates/destination-http-oauth.jsontemplates/destination-onpremise.jsontemplates/transparent-proxy-values.yamlSAP BTP Connectivity provides secure access from SAP BTP applications to remote services across cloud, on-premise, and VPC environments.
| Component | Purpose |
|---|---|
| Destination Service | Manages connection metadata, authentication, routing |
| Connectivity Service | Enables Kubernetes workloads via Cloud Connector |
| Cloud Connector | Reverse proxy for secure on-premise tunneling |
| Connectivity Proxy | Kubernetes component for on-premise access |
| Transparent Proxy | Kubernetes component for unified destination access |
Supported Environments: Cloud Foundry, ABAP Environment, Kyma
Supported Protocols: HTTP/HTTPS, RFC, TCP (SOCKS5), LDAP/LDAPS, Mail
Name: my-destination
Type: HTTP
URL: [https://api.example.com](https://api.example.com)
ProxyType: Internet
Authentication: OAuth2ClientCredentials
clientId: <your-client-id>
clientSecret: <your-client-secret>
tokenServiceURL: [https://auth.example.com/oauth/token](https://auth.example.com/oauth/token)
[https://localhost:8443](https://localhost:8443`)Administrator / manage (change immediately)const { getDestination } = require('@sap-cloud-sdk/connectivity');
const destination = await getDestination({ destinationName: 'my-destination' });
ProxyType: Internet
Authentication: OAuth2ClientCredentials | OAuth2SAMLBearerAssertion
ProxyType: OnPremise
Authentication: BasicAuthentication | PrincipalPropagation
Requires Cloud Connector installation in on-premise network.
For on-premise systems accessing SAP BTP services via Cloud Connector.
| Type | Use Case | ProxyType | Common Authentication |
|---|---|---|---|
| HTTP | REST/OData APIs | Internet/OnPremise | OAuth2, Basic, Certificates |
| RFC | SAP systems | OnPremise | Basic, PrincipalPropagation |
| LDAP | Directory services | Internet | Basic, NoAuth |
| Email protocols | Internet | Basic, NoAuth | |
| TCP | Generic TCP | OnPremise | Basic |
Detailed configuration: See references/http-destinations.md, references/rfc-destinations.md, references/mail-tcp-ldap-destinations.md
Authentication: OAuth2ClientCredentials
clientId: <client-id>
clientSecret: <client-secret>
tokenServiceURL: [https://auth.example.com/oauth/token](https://auth.example.com/oauth/token)
Authentication: OAuth2SAMLBearerAssertion
audience: <target-audience>
clientKey: <client-key>
tokenServiceURL: [https://auth.example.com/oauth2/token](https://auth.example.com/oauth2/token)
KeyStoreLocation: <certificate-location>
Authentication: PrincipalPropagation
ProxyType: OnPremise
Requires Cloud Connector X.509 certificate generation.
Complete reference: references/authentication-types.md (all 17+ types)
[https://<hostname>:8443](https://:8443`)Administrator / manageConfigure on-premise resource access:
Complete guide: references/cloud-connector.md
Enables Kubernetes workloads to access on-premise systems.
Installation:
helm install connectivity-proxy \
oci://registry-1.docker.io/sapse/connectivity-proxy \
--version <version> --namespace <namespace> -f values.yaml
Exposes BTP destinations as Kubernetes Services.
Installation:
helm install transparent-proxy \
oci://registry-1.docker.io/sapse/transparent-proxy \
--version <version> --namespace <namespace> -f values.yaml
Usage: Create Destination Custom Resource, access as Kubernetes Service.
Complete configuration: references/kubernetes-connectivity.md
| Code | Cause | Solution |
|---|---|---|
| 400 | Malformed request | Check request syntax |
| 401 | Authentication failure | Verify credentials/tokens |
| 405 | HTTPS instead of HTTP | Use [http://](http://`) with port 20003 |
| 407 | Missing authorization | Add Proxy-Authorization: Bearer <token> |
| 503 | Cloud Connector offline | Check CC connection and Location ID |
Cannot connect to subaccount:
Access denied to resource:
Complete troubleshooting: references/troubleshooting.md
references/http-destinations.md - Complete HTTP destination propertiesreferences/rfc-destinations.md - RFC destination properties and poolingreferences/mail-tcp-ldap-destinations.md - Mail, TCP, LDAP configurationreferences/authentication-types.md - All 17+ authentication configurationsreferences/cloud-connector.md - Cloud Connector setup and configurationreferences/kubernetes-connectivity.md - Connectivity Proxy and Transparent Proxyreferences/destination-service-api.md - REST API referencereferences/advanced-configuration.md - MTA, config.json, chaining, ZTISreferences/identity-propagation-scenarios.md - ABAP, NetWeaver Java, custom IDPreferences/operational-guides.md - Network zones, solution managementreferences/connectivity-alternatives-and-config.md - Reverse proxy, user roles, RFC configreferences/java-sdk-development.md - Java APIs, JCo, SAP Cloud SDKreferences/mail-protocols.md - SMTP, IMAP, POP3 configurationtemplates/destination-http-oauth.json - HTTP destination with OAuth templatetemplates/destination-onpremise.json - On-premise destination templatetemplates/connectivity-proxy-values.yaml - Helm values for Connectivity Proxytemplates/transparent-proxy-values.yaml - Helm values for Transparent ProxyLast Updated: 2025-11-27
Next Review: 2026-02-27
Source: https://github.com/SAP-docs/btp-connectivity (383 files, 352+ analyzed)
npx claudepluginhub secondsky/sap-skills --plugin sap-btp-connectivityProvides reference for SAP BTP Cloud Platform: account setup, Cloud Foundry/Kyma/ABAP environments, entitlements/quotas, XSUAA security, connectivity (destinations/Cloud Connector), MTA deployments, btp/CF CLI, and CI/CD.
Provides SAP BTP best practices for enterprise architecture, account hierarchies, security, authentication, CI/CD pipelines, governance, failover, and operations. Use for BTP planning and implementation.
Guides development of business apps on SAP BTP using CAP (Node.js/Java) or ABAP Cloud, for Cloud Foundry/Kyma deployments, HANA integration, Fiori UIs, CI/CD pipelines, and observability.