Authentication between SAP Gateway cloud connector and HCP mobile services

Former Member

Hello Experts,

We have a use case wherein we have an iOS native app that connects to HCP mobile services, which connects to a back-end ECC system (say ERP) via HCP mobile services and HANA Cloud Connector (HCC).

App -> HCPms -> HCC -> OData_SRV -> ERP.

We are able to do a GET with and without authentication. This works!!

However, to perform a PATCH operation from the native app, we get an error "CSRF Token needed".

But PATCH works within SAP Gateway if we use tcode /IWFND/GW_CLIENT.

For authentication, we are using the HCP default identity provider (SAP ID) and HTTP Basic Auth (and this works too). For the backend ECC system we use an SAP backend user for identity management.

What is the correct way to configure Cloud connector + backend ECC systems so that we can execute PATCH/update? 

Any pointers will be highly appreciated!!

regards

Akshay

Accepted Solutions (1)

Andre_Fischer
Product and Topic Expert

Hi Akshay,

the SAP Gateway Client is providing you the CSRF token automatically so that you, as a developer testing the service, don't have to bother to get it yourself.

An OData client has to retrieve the CSRF token via a GET request using the HTTP header "X-CSRF-Token" with the value "Fetch".

See the following thread for more details.

Best Regards,

Andre

Former Member

Hi Andre,

Thanks a lot for the quick response.

I tried what was mentioned there. When I do a GET, I get the values of the entity, but I am getting a blank token.

Is there some setting that needs to be maintained at the OData service level or the OData service node level? Currently, if I go to tcode SICF and navigate to the service -> GUI configuration, we have set the variable CHECK_CSRF_TOKEN = 0. I tried changing it to 1, but that didn't work either.

Please refer to the attachment.

regards

Akshay

mgrasshoff
Advisor

Hi,

actually HCPms should not mess with this token and just proxy it through. So could you please verify that the same request, directly against your OData service, is generating the token?

In the past we had observed funny things, like case-sensitive headers while fetching the token:

X-CSRF-TOKEN != x-csrf-token

the same is true for the header value:

FETCH != fetch != Fetch

Hope this brings you on the right track.

Regards,

Martin

Former Member

Try adding the following header. Might solve your problem.

DataServiceVersion: 2.0

X-CSRF-Token: Fetch

X-Requested-With: XMLHttpRequest

Also try it with your service root path.
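
The token fetch described in the replies above, as an added example that is not part of the original thread: a Python client sends `X-CSRF-Token: Fetch` on a GET, then replays the returned token and session cookie on the PATCH. The mock server, the `sid` cookie name and the `/Products(1)` path are constructed assumptions so the flow runs offline; they only approximate how a real OData service behaves.

```python
import http.server, secrets, threading, urllib.error, urllib.request

class MockODataHandler(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in for an OData service that enforces CSRF tokens."""
    tokens = {}  # session id -> token issued for that session

    def log_message(self, *args):  # keep the demo quiet
        pass

    def _reply(self, status, headers=()):
        self.send_response(status)
        for name, value in headers:
            self.send_header(name, value)
        self.send_header("Content-Length", "0")
        self.end_headers()

    def do_GET(self):
        # The mock is strict about the value, echoing the casing pitfalls in the thread.
        if self.headers.get("X-CSRF-Token") != "Fetch":
            return self._reply(200)
        sid, token = secrets.token_hex(8), secrets.token_urlsafe(16)
        self.tokens[sid] = token
        self._reply(200, [("X-CSRF-Token", token), ("Set-Cookie", f"sid={sid}")])

    def do_PATCH(self):
        self.rfile.read(int(self.headers.get("Content-Length", 0)))
        sid = self.headers.get("Cookie", "").partition("sid=")[2]
        valid = sid in self.tokens and self.headers.get("X-CSRF-Token") == self.tokens[sid]
        self._reply(204 if valid else 403)

def start_mock():
    server = http.server.HTTPServer(("127.0.0.1", 0), MockODataHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, f"http://127.0.0.1:{server.server_address[1]}"

# Talk to the local mock directly, ignoring any proxy environment variables.
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))

def patch(url, body, token=None, cookie=""):
    headers = {"Content-Type": "application/json"}
    if token:
        headers.update({"X-CSRF-Token": token, "Cookie": cookie})
    req = urllib.request.Request(url, data=body, method="PATCH", headers=headers)
    try:
        with OPENER.open(req) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code

def patch_with_csrf(url, body):
    with OPENER.open(urllib.request.Request(url, headers={"X-CSRF-Token": "Fetch"})) as resp:
        token, cookie = resp.headers.get("X-CSRF-Token"), resp.headers.get("Set-Cookie", "")
    if not token:  # the blank-token case: test the service directly, bypassing proxies
        raise RuntimeError("GET returned no CSRF token")
    return patch(url, body, token, cookie.split(";")[0])
```

The token is only valid together with the session cookie returned by the same GET, so a client that drops cookies between the two requests is rejected even with a correct token.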

Answers (1)

Jitendra_Kansal
Product and Topic Expert

As Martin mentioned, you should first check whether you are getting the CSRF token value directly from the OData service (not via HCPms). If it works, then it confirms that ICF is creating the token for this service.

Regards,

JK