Update concepts-26572ad.md

Documented security constraints of Scheduler Service. There was a big discussion on this limitation with BTP Scheduler Team, CAP Team and expert from XSSEC library on a SAP OSS Ticket. Customers of BTP Scheduler Service should be aware of this limitation, as it is currently not mentioned in the documentation. If you have any questions, Alexandar was working on the SAP OSS Ticket Case 472642/2024 "Calls for Public CAP-API using BTP Scheduler not working" Best regards, Ben
SAP-docs · Jun 14, 2024 · 59e6d7f · 59e6d7f
1 parent 5091d4b
commit 59e6d7f
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/docs/20---Concepts/concepts-26572ad.md b/docs/20---Concepts/concepts-26572ad.md
@@ -158,6 +158,16 @@ You can use the service with multitenant applications developed in the context o
 
 
 
+</dd>
+</dl>
+
+**Security**
+
+</b></dt>
+<dd>
+
+The service has to be bound to the calling application in the same Cloud Foundry Space. Otherwise or when calling public APIs, an invalid authorization header (JWT token) will be sent which can lead to technical problems (e.g. for CAP applications).
+
 </dd>
 </dl>