on 07-12-2022 12:53 PM
Hi SAP AppGyver team,
My Appgyver app is using BTP authentication to fetch OData(user info) from backend BTP ABAP Environment. The destination setup is done correctly in the BTP and the app is succesfully fetching the user info and displaying it as list.
Now, I've added user creation page and when the app calls "Create record" flow function for the OData, it returns "CSRF token validation failed" in the browser.
My OData accepts POST method to update the backend data source and I've tested it in the BTP ABAP environment, so it shouldn't be the problem of OData itself.
So is there a missing setting on my end in AppGyver or BTP destination?
Below are the screenshots for reference.
"Create record" and C_USER is the OData connected by BTP authentication. Data to be created are passed in "Record" property.
When I preview the app in web and push the button to trigger "Create record", it returns 403 POST error. In the response header, "x-csrf-token" is set to "Required". I think the correct way is for AppGyver to call HEAD or GET method of the ODATA and fetch the csrf-token and then finally call the POST method to perform the "Create record". I have feeling that AppGyver is not feetching csrf-token before hand..
The returned response is "CSRF token validation failed".
Thanks in advance!
Hi,
The 'Create record,' or POST request function is not yet natively supported for the BTP Destinations. It is possible to do this using a custom JavaScript flow function, but this workaround is fairly complicated, and we would highly advise against using it (especially since there are no known LIVE examples). We have the implementation in the development pipeline.
In case you are curious about the workaround. To make it work, you will need to create a GET request flow function via the custom JavaScript and store the CSRF Token in a variable. Then make a POST request flow function via JavaScript that sends the data with the token. As you can see the workaround involves writing JS code and is not suitable for Low-Code/No-Code solutions. Furthermore, creating workarounds with JS falls out of our support.
All in all, it would be best to wait for the official implementation.
Best regards,
Kirill
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for the answer. When is this official implementation planned? I don't think I see it in the road map.
https://roadmaps.sap.com/board?range=FIRST-LAST&PRODUCT=73554900100800003801#Q3%202022
The following implementation will most likely be released in the next large update during Q3. Unfortunately, I am unable to give any other details on the ETA.
Hi, yes it was implemented in Q3/2022. You can now create records without any workaround
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
90 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.