Solved: Apigee CSRF token issue

karthikarjun · ‎06-03-2016

Hi Team,

I would link to point out that we are facing issue to consume SAP services in Apigee environment.

Please find below information:

1. We could not able to perform create functionality in Apigee environment.It is because of

CSRF token security in SAP

2. I can able to retrieve CSRF token from SAP, but when I pass this token to post call, It shows CSRF Token Validation failed.

I would appreciate your help, Please let us know, If you have any solution on it.

Expecting your reply,

Regards,

Karthik A

ElijahM · ‎06-07-2016

Hi Karthik,

Although we cannot know exactly what is happening in your system, I can give some tips from experience.

What I have seen in the past, is that often when working with CSRF tokens, people send a single request to theGateway system to Fetch the CSRF token, and then extract the CSRF token value into a variable, and then pass that value within the next request (e.g. POST). What happens in this case is that the session Cookie value is lost, so the CSRF token and the cookie value does not match.

What I would suggest would be to extract the cookie value for the session requested with the CSRF token, and design your assign message to also pass the cookie value in your subsequent request with the token. Run the trace tool in order to compare the values in the requests, to ensure that it looks like the same session to the backend system. If you have direct access, you can try this with POSTMAN and notice how the requests look in a working situation.

I hope that this helps with your scenario.

Regards,

Elijah

Apigee CSRF token issue

Accepted Solutions (1)

Accepted Solutions (1)

Answers (0)

Re: Unauthorized 401 error while creating destinat...

Re: Currency Conversion: Different Booking Date fo...

Update task in RAP model API

Re: SAP Analytics Cloud for planning - Inverse For...

Re: advanced formula step for calculation of dynam...