cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP IDM & SF Integration Error

Go to solution
former_member256680
Participant

on ‎05-12-2022 9:35 AM

0 Kudos

Hi All,

I am getting an error when I am trying to read SF user's pass from SAP IDM8.0.

I have followed the below configuration document. The SF technical user is created with the required permission.

https://help.sap.com/docs/SAP_IDENTITY_MANAGEMENT/4773a9ae1296411a9d5c24873a8d418c/bc7c9874082442549...

Before running the full initial load job, I wanted to first try the connection test using the "Read SFSF user" pass.

I am getting below error

Error initializing FromOData pass. Error reading service metamodel. Error reading stream from server. Parameters: Service URL:https://hcm23.sapsf.com/odata/v2
java.lang.Throwable: Unexpected response status from the GET request to url: https://hcm23.sapsf.com/odata/v2/$metadata

I have checked at the network level and firewall settings are set to allow from On premise IDM server to SF Cloud Instance.

Please assist, what could be issue? Thanks in advance.

SAP IDM version: 8.0 SP 08, Windows Server

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member222441
Explorer
‎05-12-2022 5:02 PM
0 Kudos

Hi Imram,


"Unexpected response status from the GET request" offen results from Login Error or insufficient privileges on SF side. Try to call the url: https://hcm23.sapsf.com/odata/v2/$metadata directly from your IdM RT server by SoapUI or any browser.

On the SF Admin page you can check the oData Logs if your user connected succesfully.

Show replies
Show replies
former_member256680
Participant
‎05-15-2022 8:50 AM
0 Kudos

Hi Andreas,

Thank you for the hint, I checked the URL result in the postman application. There I got an error that "you are not allowed to access Odata API", after this I found SAP note 2830321 - You are not allowed to access OData APIs - SAP SuccessFactors HCM suite

Based on SAP Note 2215682 - Successfactors API URLs for different Data Centers,

I changed API URL from hcm23 to api23.sapsf.com and after that connection is successful. I am able to read SFSF Users.

Thanks

Imran

Answers (2)

Answers (2)

todor_petrov
Contributor
‎05-12-2022 10:23 AM

Hi Imran,

you can definetely check in the detailed job log (e.g. on OS level) what is the error exactly. If you don't see much there ,you might need to raise the dispatcher error level.

Also from your screenshots i don't see any SFSF_user and password maintained. If you did that, then maybe you can check on SF side if this user has the proper permissions and then if the API is allowed to be called from the host that you are trying to call it.

Last but not least, I wouldn't recommend using this type of connector for SF. I would go for the IPS proxy connection and setup the IPS to SF from there.

BR,

Todor

Show replies
Show replies
former_member256680
Participant
‎05-12-2022 11:10 AM
0 Kudos

Thank you Todor,

The SFSF_user & password are maintained. I will check the detailed job log at the OS level.

Do you have any reference links to use the IPS proxy connection?

So from an architectural perspective, SF EC employees will be read in IPS and then IPS to SAP IDM8.0 On-prem?

Our requirement is to perform User lifecycle automation with SF ( onboarding/offboarding/position change).

Currently, it is working fine from SAP ECC HR as a source of truth via VDS.

Now we have implemented SAP SF, so I would like to change the source of truth from SAP ECC-HR to SF.

Best Regards

Imran

Show replies
Show replies
Ask a Question