CX Works

CX Works brings the most relevant leading practices to you.
It is a single portal of curated, field-tested and SAP-verified expertise for SAP Customer Experience solutions

SAP Customer Data Cloud: Client Side vs. Server Side Integrations

5 min read

SAP Customer Data Cloud Client and Server Side Best Practices

SAP Customer Data Cloud offers many APIs to implement Registration, Login, Consent and other flows.  We'll discuss the best practices and implementation methods for client side and server side approaches.

Table of Contents

Client Side Approach

When a "Client Side" approach is mentioned, it refers to a users browser or device communicating directly to SAP Customer Data Cloud. These requests are unsigned and the result is access to a user session. We offer our Web SDK (Javascript) and Mobile SDKs (iOS and Android) for orchestrating these requests.  

Both Web and Mobile allow you to leverage our Registration as a Service via the use of screen-sets.  

Advantages of Screen-Sets / Client Side SDK

  • Registration/Login flows pre-built, quick, and easy to implement
  • Shared user experience across all applications
  • Single place to update flow across all applications without modifying application code
  • Policies and security logic built in
  • Risk Based Authentication available
  • Error handling and schema dependencies built in
  • UI Builder to edit screens (WYSIWYG editor)
  • Secure User session created without server side code or application dependencies
  • Event handling Notifications
    • onLogin
    • onLogout
    • Screenset Events
  • SAP Customer Data Cloud APIs are rate-limited and application resources are not needed to proxy requests
  • LoginID's, Passwords, and PII are not exposed to application systems
  • Performance typically faster as no proxy delays SAP CDC requests 
  • Audit logs stored by SAP CDC

Our web/mobile SDKs are available to use without screen sets, however the logic for the login and registration flows, error handling will have to be developed per application. Also, future changes would require each application to update code prior to release. While customizing the user experience look/feel may entice you to use this method, think more of a hybrid approach to leverage the security and many other benefits of our client side SDKs.

Example Successful Login Sequence - Browser → SAP CDC

Cannot render diagram with PlantUML server


Server Side Approach

A server side approach makes all requests through from the browser to server to CDC. This type of a flow is not recommended as the amount of development needed is significant depending on the policies implemented.  Server side approaches have the ability to leverage one of Customer Data Cloud REST APIs, server side SDKs (Java, .NET, PHP ..) and sign the requests with a RSA Private Key. The application is now responsible for the flow, handling error conditions, auditing, and securing the application.

A typical use case for server side approach would be replacing legacy system server side APIs. If you have multiple applications using a single authentication system. Upgrading to CDC may be fastest to update the APIs to point to CDC. The upgrade approach of each site to use screen sets could then be road mapped.

A server side approach is unable to take advantage of feature requests without development. With new features like serve side Risk Based Authentication and IP Blocking/Allowlisting, server side approaches can limit requests to SAP CDC.


Example Server Side Successful Login Flow

Cannot render diagram with PlantUML server


Using Both Client and Server Side SDKs

Most implementations involve a mix of client and server side SDKs. Client side, login, registration, consent, security get the user into the application. Once the user has a valid session, the sync to the server.  Server side, the idToken is validated and additional actions is then done per business logic such as updating ID or account numbers. 

Recommended Best Practices

Client Side SDK uses

  • Login
  • Registration
  • Forgot Password 
  • Change Password
  • Password Reset
  • Security/Risk Based Authentication / TFA / Captcha
  • Consent Updates
  • Client Session
  • Social Login
  • Screensets
    • Consistent User Experience across application
    • Consent / Re-consent Flows
  • Single Sign On

Server Side SDK uses

  • session validation / synchronization
  • serverOnly field updates
  • extensions
  • webhooks
  • 3rd party integrations






Conclusion

Client side and server side uses cases can both be used to implement SAP CDC. Our recommended best practices take advantage of all the features and security that SAP CDC offers.  Also, performance and time to market are key reason to use this approach. Business reasons may require to use one or a combination of the methods. 

Overlay