[CAR-OAA]-Get token from SAP car oaa via sap po

Hello Guys,

SAP CAR provided to us REST API to get Access Token. We can call this API directly from SAP CAR system via URL:

http://XXX:YYY/sap/car/rest/oaa/sourcing?sap-client=[your CAR Client]

XXX: Your CAR Host Name

YYY: Port

Standard GetToken from SAP CAR

But in some scenarios, you don’t want third-party system access directly to SAP CAR, Integration has to go through SAP PO then you can follow the tips below to get “X-csrf-Token“.

When we request a token to SAP CAR, it does not return credentials in the response payload. The token and Cookie send back in the message header. In this case, we need to make UDF read header attributes.

The simple data flow to show you the systems involved.

UDF to get Dynamic Configuration from HTTP Header

In UDF, we had two parameters, Namespace and Name of REST Adapter attribute.

public String SetDynamicConfiguration(String namespace, String name, String value, String refvalue, Container container) throws StreamTransformationException
DynamicConfiguration conf = (DynamicConfiguration)container.getTransformationParameters().get(StreamTransformationConstants.DYNAMIC_CONFIGURATION); 
DynamicConfigurationKey key=DynamicConfigurationKey.create(namespace,name); 
//return "ok";
return refvalue;
catch(Exception  ex)
  return refvalue;
  • SAP Process Orchestration: Enterprise Service Builder

Data type

Message Mapping

Integrated Configuration

Receiver Channel

Testing message

Generate WSDL URL and test on SOAPUI tools

Message Attribute from REST receiver

Thank you,

Cuong Dang

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.