on 05-12-2022 9:35 AM
Hi All,
I am getting an error when I am trying to read SF user's pass from SAP IDM8.0.
I have followed the below configuration document. The SF technical user is created with the required permission.
Before running the full initial load job, I wanted to first try the connection test using the "Read SFSF user" pass.
I am getting below error
Error initializing FromOData pass. Error reading service metamodel. Error reading stream from server. Parameters: Service URL:https://hcm23.sapsf.com/odata/v2
java.lang.Throwable: Unexpected response status from the GET request to url: https://hcm23.sapsf.com/odata/v2/$metadata
I have checked at the network level and firewall settings are set to allow from On premise IDM server to SF Cloud Instance.
Please assist, what could be issue? Thanks in advance.
SAP IDM version: 8.0 SP 08, Windows Server
Hi Imram,
"Unexpected response status from the GET request" offen results from Login Error or insufficient privileges on SF side. Try to call the url: https://hcm23.sapsf.com/odata/v2/$metadata directly from your IdM RT server by SoapUI or any browser.
On the SF Admin page you can check the oData Logs if your user connected succesfully.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Andreas,
Thank you for the hint, I checked the URL result in the postman application. There I got an error that "you are not allowed to access Odata API", after this I found SAP note 2830321 - You are not allowed to access OData APIs - SAP SuccessFactors HCM suite
Based on SAP Note 2215682 - Successfactors API URLs for different Data Centers,
I changed API URL from hcm23 to api23.sapsf.com and after that connection is successful. I am able to read SFSF Users.
Thanks
Imran
Hi Imran,
you can definetely check in the detailed job log (e.g. on OS level) what is the error exactly. If you don't see much there ,you might need to raise the dispatcher error level.
Also from your screenshots i don't see any SFSF_user and password maintained. If you did that, then maybe you can check on SF side if this user has the proper permissions and then if the API is allowed to be called from the host that you are trying to call it.
Last but not least, I wouldn't recommend using this type of connector for SF. I would go for the IPS proxy connection and setup the IPS to SF from there.
BR,
Todor
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you Todor,
The SFSF_user & password are maintained. I will check the detailed job log at the OS level.
Do you have any reference links to use the IPS proxy connection?
So from an architectural perspective, SF EC employees will be read in IPS and then IPS to SAP IDM8.0 On-prem?
Our requirement is to perform User lifecycle automation with SF ( onboarding/offboarding/position change).
Currently, it is working fine from SAP ECC HR as a source of truth via VDS.
Now we have implemented SAP SF, so I would like to change the source of truth from SAP ECC-HR to SF.
Best Regards
Imran
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
94 | |
11 | |
11 | |
10 | |
9 | |
8 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.