Skip to Content
Jun 17, 2021 at 01:47 AM

CPI->Cloud Connector->S4 using client certificates


I'm trying to consume as service in S/4HANA from CPI via the Cloud Connector. In the receiver adapter the only authentication options available are

  • None
  • Basic
  • Principal Propagation

The first two options are no good for as our security team will not endorse those to methods. I can use principal propagation where I have a client (Sender) but I have a problem where the iFlow is started by a Timer event in CPI. In this scenario I have no Principal.

A sample scenario is CPI polls an SFTP site for Journal file produced by another system. It picks up this file and consumes the API in S/4HANA to post the Journal.

My question are:

  1. Can I manually set a Principal in the iFlow
  2. Can the Cloud Connector authenticate to S/4 on my behalf

It seems bizarre that the cloud connector is forcing me to use a less secure authentication method.

I can get secure certificate based authentication if I don't go via the cloud connector but this means I need to expose the S/4 API to the internet which is not ideal.