Using Mashups with External Web Applications

In this lesson, you will learn how to use Mashups to integrate standard SAP functionalities with external applications in SAP Sales Cloud and SAP Service Cloud Version 2. Mashups enable comprehensive data integration by seamlessly combining internal SAP data with external web services and applications. These integration tools support various mashup types, such as URL, HTML, and Analytics mashups. Each type provides unique capabilities for specific business needs. SAP Sales Cloud and SAP Service Cloud Version 2 provides flexible placement options across various UI levels, allowing URL mashups to be deployed at the section group level and HTML mashups to be positioned at the view level. This ensures optimal integration based on functional needs.

To configure mashups for SAP Sales Cloud and SAP Service Cloud Version 2, the mashupService (with the checkbox identifier mashupService) must be added to business roles to enable users to access mashup functionality, including the ability to create, configure, and manage mashups through the Mashup Authoring application.

URL mashups are integration tools that send data or call external functionalities from SAP Sales Cloud and SAP Service Cloud Version 2 to external web applications via URLs, and display results in new browser tabs or windows. These mashups enable seamless integration of external services such as web searches, company information lookups, online maps, and third-party business applications directly within the SAP user interface. URL mashups provide powerful extensibility capabilities without modifying core SAP systems, allowing organizations to enhance user productivity by combining internal SAP data with external web services and applications.

To integrate external content or functionalities directly into the user interface, administrators can add a URL mashup as a button or a link within the application.

HTML mashups enable administrators to embed external web applications, custom functionality, or third-party content directly within the user interfaces of SAP Sales Cloud and SAP Service Cloud Version 2. These mashups can display data from external systems, provide specialized business tools, or extend standard functionality without requiring code modifications to the core system.

With HTML mashups, you can:

• Trigger in-system navigation using UI Events. These events enable navigation to specific screens, including list view, detail view, quick view, and quick-create view, without opening new windows or browser tabs.
• Initiate search events in SAP Sales Cloud and SAP Service Cloud Version 2. Search events are especially useful in Agent Desktop scenarios, where mashups can automatically trigger searches and open related accounts or individual cases.
• Create custom events to provide additional flexibility for integrating mashups with the SAP system beyond standard navigation and search capabilities.

For HTML mashups to be displayed correctly, it is necessary to allow the SAP Sales Cloud and SAP Service Cloud Version 2 system to access content in the target system. For example, in SAP S/4HANA Cloud, the domain of the SAP Sales Cloud and SAP Service Cloud Version 2 system needs to be maintained in the Maintain Protection Allowlists App.

Analytics mashups in SAP Sales Cloud and SAP Service Cloud Version 2 are integrated data visualization components that combine data from multiple sources to create comprehensive analytical views. These mashups leverage the SAP Analytics Cloud, embedded edition functionality to provide real-time insights and advanced visualization capabilities directly within the SAP Sales Cloud and SAP Service Cloud Version 2 interface.

The primary business value lies in enabling users to access a unified reporting experience across Sales and Service processes, with real-time data analysis using standard SAP Sales Cloud and SAP Service Cloud Version 2 data sources and advanced visualization options such as charts, tables, KPIs, and interactive dashboards.

In the following video, you will learn how to configure HTML and URL mashups, pass parameters, and add mashups to the user interface.

SAP Sales Cloud and SAP Service Cloud Version 2 implement comprehensive security measures for mashup integrations, including Content Security Policy (CSP) protections, cross-site scripting countermeasures, and secure communication channels.

• Content Security Policy (CSP) is a security standard that provides an additional layer of protection from cross-site scripting (XSS), clickjacking, and other code injection attacks in SAP Sales Cloud and Service Cloud Version 2 mashups. CSP works by allowing administrators to specify which domains are permitted to execute scripts, load images, styles, and other resources within mashup applications. This effectively controls what external content can be loaded and executed in the browser.
• Frame source settings control which external domains can be embedded as iframes within the SAP system interface, directly impacting the ability to display external applications and services through mashups. When configuring frame sources, administrators must add the hostname URLs of trusted external systems to the Frame Source section of the Content Security Policy settings, using wildcard patterns to accommodate subdomains and dynamic URLs.
• SAP Sales Cloud and SAP Service Cloud Version 2 enforce HTTPS protocol requirements and implement whitelisting mechanisms for the Same-Origin Policy to maintain security boundaries when integrating external content.
• Authentication is controlled through role-based access management, where only trusted users should have access to mashup parameter authoring, with customers responsible for managing appropriate access controls.
• Parameter validation includes string-only parameter names with a maximum input length of 80 characters, and data privacy compliance requires reviewing mashup configurations to ensure conformance with company data privacy policies before activation, as some web services may pass business data to third-party organizations.

For more information about mashup security, refer to the Mashup Security Guidelines on the SAP Help Portal.

• Mashups integrate internal SAP data with external web applications, enhancing functionality without modifying the core system and enabling flexible UI placement.
• Three mashup types are available: URL, HTML, and Analytics, each designed for different integration scenarios.
• URL mashups send SAP data or call external functionalities via URLs and open results in new tabs or windows, making them ideal for simple integrations such as web searches or external applications.
• HTML mashups embed external applications directly in the SAP UI, enabling seamless display of external data and tools.
• Analytics mashups use Analytics Cloud, embedded edition capabilities to deliver real-time insights, interactive dashboards, KPIs, charts, and unified reporting directly within SAP Sales Cloud and Service Cloud Version 2.
• Security considerations include enforced HTTPS, Content Security Policy (CSP), whitelisting of external domains, role-based access control, parameter validation, and strict data privacy compliance.