on 04-22-2014 9:08 AM
Hi experts,
I’m trying to call a REST with POST method and I’m getting the following error: 403 Forbidden . I have followed the IdM documentation about: SAP NetWeaver Identity Management REST API Interface Description.
Here is an example:
URL:
HTTP Method:
Parameters:
Authentication:
Note: I'm calling the REST with GET method with no such error.
BR,
Simona
Hi Simona,
I guess you get this error because of the XSRF protection. Please see point 1.3 of the document you have mentioned where it is described how to make proper POST requests. Basically you have to provide additional token with the request.
Let me know if you need further help.
Best Regards,
Hristo
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Hristo,
Here is an example of my code:
var parameters = {};
var headers ={};
headers.setHeader = "Content-type: JSONHttpRequest";
headers.setHeader = "Content-type: application/x-www-form-urlencoded";
headers.setHeader = "X-Requested-With: JSONHttpRequest";
headers.setHeader = "X-Requested-With: XMLHttpRequest";
headers.setHeader = "X-CSRF-Token: Fetch";
parameters.MX_FIRSTNAME = "Tester";
var variantUrl = "http://....../idmrest/v72alpha/entries/{MSKEY}/tasks/{TASKID}";
var oModelVariant = new sap.ui.model.json.JSONModel( );
oModelVariant.loadData(variantUrl,parameters ,false, "POST", false, false, headers);
Can you what I'm doing wrong.
BR,
Simona
When you make a GET HTTP request with the following header:
"X-CSRF-Token: Fetch";
then in the response you will have something like: "X-CSRF-Token: abcdefghi"; instead of the keyword Fetch. That is the XSRF token. You have to use this token in the subsequent POST request. Something like
POST ....
X-CSRF-Token: abcdefghi
Hi Simona,
I am not using identity management. I have created a simple REST (POST) based interface in PI using Advantco adapter. I have used AAE (ICO).
Here in REST sender channel I have just configured the "Listening Mode".
When I test the REST service url (http url) in browser (IE or chrome).I get a pop-up to enter userid/password. After that I get 403 forbidden error.
I have proper access to PI system as a DEVELOPER.
Is there any special role or access to be included in addition to DEVELOPER role in PI?
Am I missing any other configuration?
Please help.
Hi Gopalkrishna,
Check my blog - http://scn.sap.com/community/idm/blog/2014/05/26/sap-netweaver-idm-rest-api-ui--calling-post-methode...
BR,
Simona
Hi Simona,
Thank you so much for the explanation!
Any clue on why this might still be happening:
In your interaction with the IDM 8.0 REST API, have you had to copy the cookie details as well from the first non-modifying GET, along with the CSRF token, and use both within the modifying-POST API call?
Would greatly appreciate your insight on the issue!
Thanks a ton in advance Simona!
Best regards,
Sandeep
I'm trying to access a rest through JSONModel with but unfortunately I've had a trouble.
The error is:
Additional information: The HTTP method 'OPTIONS' of the incoming request (with URI 'http://localhost:36172/RestSe rviceImpl.svc/token') is not allowed.
The code is:
var oModel = new sap.ui.model.json.JSONModel();
var url ='http://localhost:36172/RestS erviceImpl.svc/token';
var parameters ={};
var headers ={};
headers.Authorization ='Access-Control-Allow-Origin: true';
headers.setHeader ='Accept: application/json';
headers.setHeader ='Content-Type: application/json';
var parameters ='username=wcorrea,password=123456,expiration=500';
//var parameters ='wcorrea,123456,500';
oModel.loadData(url, parameters, false, "POST", false, "false", headers);
Does anyone have an idea what's going on?
Tks
Rodrigo
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Rodrigo,
I guess this is not IdM related, so better to post this question in another forum.
But I do not think this will work:
var parameters ='username=wcorrea,password=123456,expiration=500';
Check for Basic authentication and Base64 encoding like here:
How to use Basic Auth and Jquery and Ajax - Stack Overflow
Best regards, JAnnis
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.