Skip to Content

Creating an HTTP destination with OAuth2SAMLBearerAssertion authentication

Hi All,

I'm trying to create an HTTP destination with OAuth2SAMLBearerAssertion authentication.

However, I'm at a loss as where to put the secret/private key. It should be part of the call to the token service so must be populated somewhere. But where? I'm guessing if I create a destination via a file, there is some parameter that I could set that should contain this key, but I'm not sure what it is - certainly there is nowhere on the HCP cockpit screen that I can use.

Downloading an existing destination that works, it looks like there is an additional "Password" parameter, but when I populate that with the private key, my connection still doesn't work.

Is there a special format that this private key must be entered into the destination file?

Many thanks for you help!

Cheers,

Chris

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

3 Answers

  • Best Answer
    author's profile photo Former Member
    Former Member
    Posted on Jul 31, 2014 at 06:38 AM

    Hi Chris,

    here's a link to the documentation of this authentication type:

    SAP HANA Cloud Platform

    You can configure the destination using the cloud cockpit, see example below. The client key should go into the technical parameter "clientKey" (if you upload the destination via file), or in the respective field in the editor.

    Does this answer your question?

    Best regards, Timo


    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member Chris Paine

      Hi Chris,

      yes, the flow of certificates is as you summarized. There is a document available that describes all this, but unfortunately not (yet?) publicly available. I will follow up on this.

      We also had some discussions already internally that this whole flow is over-complex and should be handled under the hood automatically for the user, when it comes to well-known extensions for e.g. SFSF. So we are working on making this easier in the future.

      Regards,

      Timo

  • author's profile photo Former Member
    Former Member
    Posted on Aug 25, 2015 at 10:19 AM

    Hi there,

    i am trying to achieve the same scenario and did what was described here, but somehow i still can't connect to SF and the log says

    Cannot return OAuth 2.0 SAML Bearer Assertion because of com.sap.core.connectivity.apiext.impl.authentication.assertion.oauth.OAuthTokenGenerationException: Could not generate OAuth 2.0 SAML Bearer Assertion token.

    my Destinationfile looks like

    SuccessFactors is properly configured, under "Manage OAUTH Client Applications" our HCP Account is set and the X.509 Certificate equals the Signing Certificate from HCP Trust Settings.

    Can one of you Former Member or Former Member give me a hint what is missing?

    Thanks in advance

    Regards

    mathias


    destination.PNG (63.6 kB)
    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Nov 30, 2015 at 01:23 PM

    Hi Chris,

    I am trying to create a destination from HCP to SuccessFactors, but I do not know where to get the Client Key. Can you tell me how you did it?

    Thank you in advance,

    Neili

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.