on 01-26-2021 9:12 AM
Hi All,
In SAPUI5 application I am consuming REST services exposed from MS Azure and protected by Oauth2.
This is how it works in Postman
URL: https://login.microsoftonline.com/{tennant}/oauth2/token
and POST body as form-data:
Grant type: client_credentials
client_id: xxxxxxxx
client_secret: *********
resource: yyyyyyyyyyyy
I receive a token, with proper resource in it. Then all API calls with this token work just fine.
Unfortunately in SCP NEO things get complicated. I have created destination with Authentication OAuth2ClientCredentials, given url, client_id, client_secret. When I use this destination to call API I get error, that audience is not set (some default value is used), and this is because I can't send "resource" parameter. Exactly the same effect is in Postman when I remove it before requesting the token.
Currently I have implemented two phase process - first I use one destination to retrieve token by POST operation. Here I could add additional property "oauth.resource.name" and I get proper token (this property doesn't work in previously described destination config), then I use this token while calling API. Although credentials are protected, token itself is obviously exposed in all browser operations, which I would like to avoid.
Is there any option to configure one destination as it should be, and pass this "resource" parameter to Azure to get proper token?
Thanks in advance,
BR
Maciej
Hello Martin,
Thanks for your response.
Unfortunately I have tried adding parameter to postman call - it was ignored and token returned was not proper. As this is POST call and all parameters are sent via body as form, all parameters in URL were ignored. Is there some other way you do it? GET method maybe?
BR,
Maciej
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
89 | |
10 | |
9 | |
9 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.