[SAP CPI] – SECURE CONNECTIVITIES TO SAP CPI WITH OAUTH TOKEN

CPI - Tips & Troubleshooting, SAP CPI One comment

Hi guys, in this article I want to share step by step How to config secure connectivity with HTTPS sender adapter. Normally, when we send message to CPI by https adapter

When we check option CSRF Protected, then run this integration flow from POSTMAN, we receive http status code like this

We have to set token for this http sender. In cases for test API, we can fetch token.

1. How to fetch token for x-csrf-token

  • Call to API with method GET instead POST
  • Add header to API with Key-value = x-csrf-token/fetch
  • Send this request and check header of response message
  • Use this value for header x-csrf-token on request, replace for value = fetch and send API with method POST

Although call API successful, but in real scenario for production environment, this API protected by token in OAuth2 security connectivity. So We have to get token from SAP CPI and call API with bearer token.

2. How to get OAuth token in SAP CPI for client connectivity (CF – Cloud foundry Environment).

Step 1 : Install instance Process integration Runtime. (If have, by pass)

  • Go to Sub Account
  • Go to Instances And Subscriptions
  • Go to Tab Instances
  • Click button Create

Step 2 : Create service key

Next, We create service key of instance. Go to instance which create in step 1. Tab Service Key. Click button Create

After done

Step 3 : Get token from POSTMAN

  1. Grant Type = Client Credential
  2. Client ID : Get in service key, field Client Id
  3. Client Secret : Get in service key, field Client secret
  4. User name : User login BTP ( normally It is email address)
  5. Password : Password of user BTP

Click button : Get New Access Token

Click Proceed.

Click Use Token

Call API by method GET instead POST

Note : If do not check option CSRF Protected in integration flow, we can call API with method POST. But use token to call API, We must use GET method instead POST method. Because of using method POST this time, we will receive status 403 forbidden.

Summary

In this article I shared step by step How to send message to integration flow with CSRF protected check and use token. Thanks for your reading and any question, kindly leave your comment in below this.

Thanks.

Joseph.

One comment

  1. Pingback: [SAP CPI] – How to expose Integration Flow Endpoint as API – SAP Zero to Hero

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.