04-16-2020 3:15 PM
I am trying to call the API get method to fetch the csrf token using ajax call, as mentioned below. But i am getting the security error.
Whereas it is working fine with POSTMAN with same authorization and header parameters .
Can you please help in finding the issue and fixing it.
GLOBAL.step({ Custom:function(ev, sc, st){
var rootData = sc.data;
ctx.workflow('PostJE_WF','562130e2-db0c-462f-8fc2-8dca926f3314');// Custom
var geturl ='http://<HOST>:<PORT>/sap/opu/odata/sap/<service>/<entity>';
API.GET(geturl, sc);
ctx.log('csrf token fetched');
sc.endStep();//end Scenario
return;}});
var API ={GET:function(url, sc){
var response;
var rootData = sc.data;
ctx.ajax.call({method:e.ajax.method.get,
url: url,//contentType:e.ajax.content.json,
contentType:e.ajax.content.xml,headers:{'Authorization':'Basic '+ ctx.base64.encode('USERNAMEVALUE'+':'+'PASSWORDVALUE'),'Content-Type':'application/atom+xml','x-csrf-token':'fetch','Accept':'application/json'},
ignoreClientCertificate: true,
success:function(res,status, xhr){
sc.endStep();return;},
error:function(res,status, xhr){
sc.endStep();return;}});}
Thanks
Vijay
10-05-2020 11:34 PM
Please try using Curl to call and saving the xcsrf-token from the return header. this blog has some useful steps towards that
https://blogs.sap.com/2020/07/14/working-with-sap-irpa-and-s-4-on-premise-system/