Skip to Content
author's profile photo Kevin Barter
0
Kevin Barter
May 12 at 09:19 PM

X-CSRF-Token Validation Failed when saving data to on-prem BW4HANA

294 Views

I have an iFlow that I want to be able to POST data to BW4HANA. Before trying to POST data, I did a GET on the endpoint, and was able to get the schema. From this, I am pretty sure the connectivity to BW4HANA is setup correctly.

Once I knew that the GET worked, I added a step to fetch the X-CSRF-Token using the endpoint http://bhx-https:443/sap/bw4/v1/push/dataStores/zar_o001. The token is returned, and is stored in the header as expected.

After that, I added another call to BW4HANA, but this time doing a POST to the endpoint http://bhx-https:443/sap/bw4/v1/push/dataStores/zar_o001

This call returns a 403 error, and the payload contains the following message:

CSRF token validation failed

Below are the details on the iFlow, and the logs that I have saved from the Cloud Integration trace logs.

In addition, I am able to call BW4HANA via Postman successfully.

We are on the Neo version of Cloud Integration as well, as that can make a difference.

Any suggestions on what the issue may be?

I have found a couple of similar posts online, but the solutions offered do not help:

· X-CSRF Token Validation Failed when save data in BW4 HANA Data Store | SAP Community

· CSRF token validation failed | SAP Community

iFlow Details

One of the suggestions I saw online was to use On Integration Flow or On Exchange for the HTTP Session Reuse. I have tried both, and the results are unchanged.

image.png

Get X-CSRF-Token (step works)

HTTP GET Connection to BW that gets the token

image.png

image.png

Some of the blogs/articles that I have seen online showed similar screenshots, but they had entries for the headers to return. I am assuming an older version of Cloud Integration was being used, since I don’t have those options.

HTTP POST connection to BW that posts the data (NOT working)

image.png

image.png

Error Logs

Here are the error logs from the trace that was running.

I saved the three attachments below, as well as the complete log. They are attached to this question.

image.png

If you look at the two header logs, the X-CSRF-Token exists before and after the call to BW4HANA. The body log has the error message, and the message log has all of the details.

Attachments
image.png (39.8 kB)
image.png (24.9 kB)
image.png (71.8 kB)
image.png (29.9 kB)
image.png (62.9 kB)
image.png (92.0 kB)
http-receiver-adapter-request-headers-bw-adso-test.txt (1.0 kB)
http-receiver-adapter-response-body-bw-adso-testin.txt (28 B)
http-receiver-adapter-response-headers-bw-adso-tes.txt (500 B)
messagelog-bw-adso-testing.txt (14.0 kB)