Update from SAP DITA CMS (squashed):

ditaccms-bot · ditaccms-bot · commit 9b07acc323a7 · 2025-08-07T13:07:50.000Z
commit 4acd55e0b7eb7b8b00b24874633714463895e3ad
Author: REDACTED
Date:   Thu Aug 7 10:27:36 2025 +0000

    Update from SAP DITA CMS 2025-08-07 10:27:36

    Project: dita-all/jjq1673438782153
    Project map: c2f780f61c744155b0bd42b6f38fb70c.ditamap
    Output: loiob2927cc326be495da9f4fea0b6bda2b3
    Language: en-US
    Builddable map: c590d25af285407ba12a69179a940c19.ditamap

commit 23cce4d4ebb474a8de8632d8f9ea8641e150ed11
Author: REDACTED
Date:   Wed Aug 6 17:05:02 2025 +0000

    Update from SAP DITA CMS 2025-08-06 17:05:02

    Project: dita-all/jjq1673438782153
    Project map: c2f780f61c744155b0bd42b6f38fb70c.ditamap
    Output: loiob2927cc326be495da9f4fea0b6bda2b3
    Language: en-US
    Builddable map: c590d25af285407ba12a69179a940c19.ditamap

commit fe45c2acf5545667447107df50b393c6f7960e2a
Author: REDACTED
Date:   Wed Aug 6 16:26:51 2025 +0000

    Update from SAP DITA CMS 2025-08-06 16:26:51

    Project: dita-all/jjq1673438782153
    Project map: c2f780f61c744155b0bd42b6f38fb70c.ditamap

##################################################
[Remaining squash message was removed before commit...]
diff --git a/docs/1-connectivity-documentation/configure-access-control-rfc-ca58689.md b/docs/1-connectivity-documentation/configure-access-control-rfc-ca58689.md
@@ -39,6 +39,8 @@ To allow your cloud applications to access a certain backend system on the intra
     > ### Note:  
     > -   The back end must be properly configured to support SNC connections.
     > -   SNC configuration must be provided in the Cloud Connector.
+    > 
+    >     For more information, see also [Configure Identity Propagation for RFC](configure-identity-propagation-for-rfc-33a2f37.md).
 
 6.  Choose *Next*.
 7.  Choose whether you want to configure a load balancing logon or connect to a specific application server.
diff --git a/docs/1-connectivity-documentation/oauth-token-exchange-authentication-f4d28ea.md b/docs/1-connectivity-documentation/oauth-token-exchange-authentication-f4d28ea.md
@@ -20,7 +20,7 @@ With this token exchange flow, any type of token can be used, provided that it i
 
 ## Properties
 
-To configure a destination of this type, you must specify all the required properties. You can create destinations of this type via the [Destination Service REST API](destination-service-rest-api-23ccafb.md).
+To configure a destination of this type, you must specify all the required properties.
 
 > ### Restriction:  
 > `OAuth2TokenExchange` destinations don’t support dynamic tenant-specific token service URLs. The token service URL is always taken as is.
@@ -393,6 +393,14 @@ For more information, see [Client Assertion with Automated Assertion Fetching by
 </tr>
 </table>
 
+> ### Note:  
+> When consuming a destination via the Destination service REST API, the following headers are mandatory for this authentication type:
+> 
+> -   `X-Subject-Token`
+> -   `X-Subject-Token-Type`
+> 
+> For more information, see the [Destination service REST API](https://api.sap.com/api/SAP_CP_CF_Connectivity_Destination/resource/Consume_a_destination) documentation.
+
 
 
 <a name="loiof4d28ea5a6ce441fb3dacce0a55d7a35__example"/>
