on 11-08-2022 8:51 AM
Hello,
for my work i use the Overview | Maintenance Notification | SAP API Business Hub API. Testing the API via the Postman works very well all the GET/PUT/POST requests do function and don't produce any issues at all.
In order for a POST or PUT request to function it is necessary to have the csrf-token for it as well as the cookie, both could be gotten via a GET Request.
Now those requests implemented in simplifier (IDE), don't function that well. There are no issues with GET requests , however, PUT/POST, are an issue.
Erorr: "The Http request was not successful due to the client error: [403: Forbidden - The request was a legal request, but the server is refusing to respond to it.] Response: CSRF token validation failed". What to do about it?
Question 1. Should only the cookie and csrf-token be handed over, are there additional mandatory fields that also should be send ?
Question 2. GET request, depending on the verbosity can generate one "Set-Cookie" or almost 6. which one should be handed over ? What formatting? Example: "Set-Cookie": "SAP_SESSIONID=DfdggdsgsdaG-GP22ptVuUQVh81fQdsadasddsa%3d; Path=/". Should the path be let out ?
Question 3. what is the correct writing of csrf-Token and cookie when handing over? There are multiple versions
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.