Skip to Content
1
Jan 26, 2021 at 09:12 AM

Destination configuration issue when connecting to Azure API using Oauth2

109 Views

Hi All,

In SAPUI5 application I am consuming REST services exposed from MS Azure and protected by Oauth2.

This is how it works in Postman

URL: https://login.microsoftonline.com/{tennant}/oauth2/token

and POST body as form-data:

Grant type: client_credentials

client_id: xxxxxxxx

client_secret: *********

resource: yyyyyyyyyyyy

I receive a token, with proper resource in it. Then all API calls with this token work just fine.

Unfortunately in SCP NEO things get complicated. I have created destination with Authentication OAuth2ClientCredentials, given url, client_id, client_secret. When I use this destination to call API I get error, that audience is not set (some default value is used), and this is because I can't send "resource" parameter. Exactly the same effect is in Postman when I remove it before requesting the token.

Currently I have implemented two phase process - first I use one destination to retrieve token by POST operation. Here I could add additional property "oauth.resource.name" and I get proper token (this property doesn't work in previously described destination config), then I use this token while calling API. Although credentials are protected, token itself is obviously exposed in all browser operations, which I would like to avoid.

Is there any option to configure one destination as it should be, and pass this "resource" parameter to Azure to get proper token?

Thanks in advance,

BR

Maciej