Skip to Content

X-CSRF Issue while calling from JAVA appplication

Unable to post data (Purchase Requisition) into S/4 HANA system because of security token issue due to x-CSRF token mechanism enabled in oDATA service and we need to have this interface working with this security feature in place.


Steps to post data in S/4:-

  1. SAP standard OData service " API_PURCHASEREQ_PROCESS_SRV" is being used for PR creation
  2. We are using IntelliJ IDE for creating a JAVA REST Service Client to call S/4 - payload is attached
  3. FETCH is used to get CSRF token as a pre-post
  4. POST is used to post data
  5. We debugged on S/4 side and method "validate_csrf_token" of class "/IWCOR/IF_REST_CSRF_HANDLER" is returning flag "lv_successful" as blank which is causing the issue
  6. On the JAVA side, we receive "HTTP: 403 Forbidden Error"

We need your help and support in figuring out why the class method is not returning a success flag even though we are able to fetch the x-csrf token successfully from S/4 and use this token during POST.

Add a comment
10|10000 characters needed characters exceeded

Related questions

0 Answers

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.