Skip to Content
May 25, 2016 at 07:47 AM

Using the Authorization Management API from Hana XS


Hello everyone,

I am currently struggling with calling the Authorization Management API from an XSJS script on the HCP. The goal here is to build an XSJS Service which provides the roles given to a user in an HTML5 Application. The HTML5 frontend then shows different options/layouts depending on the roles the user has.

For this I created a .xshttpdest file

description = "HCP Authorization Management API";
host = "";
port = 80;
proxyType = http;
proxyHost = "proxy";
proxyPort = 8080;
useSSL = true;
timeout = 30000;

I setup the SSL certificate in the Trust Store as described here: Outbound httpS with HANA XS (part 2) - set up the trust relation

My current XSJS file for testing looks like this:

var destinationPackage = "destinations";
var destinationName = "authorizationManagementAPI";

try {
        var dest = $.net.http.readDestination(destinationPackage, destinationName);
        var client = new $.net.http.Client();
        var req = new $.web.WebRequest($.net.http.POST, "/oauth2/apitoken/v1?grant_type=client_credentials"); 
        client.request(req, dest);
        var response = client.getResponse();  
        $.response.contentType = "application/json";
        $.response.status = $.net.http.OK;
} catch (e) {
        $.response.contentType = "text/plain";

Running this file results in a page which loads for a long while and then delivers the following error:

HttpClient.request: request failed: unable to establish connection to - IPcon: SSL session failed with error: "SapSSLSessionStart()==SSSLERR_SSL_CONNECT
SSL_connnect() failed (0/0x00) Huh??
  SSL:SSL_get_state()==0x2120 "SSLv3 read server hello A"
  SSL NI-hdl 12: local= peer=
  cli SSL session PSE "#_MemPSE_#803805521865518491315724"
  Target Hostname=""

Does anyone know what causes this error and/or could you explain how to call the API from our XSJS Backend?