CPI->Cloud Connector->S4 using client certificates
I'm trying to consume as service in S/4HANA from CPI via the Cloud Connector. In the receiver adapter the only authentication options available are
- None
- Basic
- Principal Propagation
The first two options are no good for as our security team will not endorse those to methods. I can use principal propagation where I have a client (Sender) but I have a problem where the iFlow is started by a Timer event in CPI. In this scenario I have no Principal.
A sample scenario is CPI polls an SFTP site for Journal file produced by another system. It picks up this file and consumes the API in S/4HANA to post the Journal.
My question are:
- Can I manually set a Principal in the iFlow
- Can the Cloud Connector authenticate to S/4 on my behalf
It seems bizarre that the cloud connector is forcing me to use a less secure authentication method.
I can get secure certificate based authentication if I don't go via the cloud connector but this means I need to expose the S/4 API to the internet which is not ideal.