cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Cloud Platform . Java - AuthenticationHeaderProvider API - Setting Email as nameId

former_member314353
Explorer

on ‎04-04-2017 6:05 PM

0 Kudos

Hello,

I want to authenticate against the SAP Jam Rest API using the SAP Identity provider.

To forward the user that has logged in via the IDP I tried to use the

AuthenticationHeaderProvider API.

Sadly my Jam tenant returns a 401 Http Status.

The error message is:

com.sap.core.connectivity.apiext.impl.authentication.assertion.oauth.OAuthTokenGenerationException: Could not retrieve OAuth 2.0 access token for user C5*****

I know that SAP Jam needs the email address and not the the SAP user id to authenticate a user. I actually thought this was set by the "nameIdFormat" and "userIdSource" paramter of the DestinationConfiguration.

I followed this example to set up the DestinationConfiguration:

https://help.hana.ondemand.com/cloud_portal_flp/frameset.htm?1f122e4427fa4e36b93fcbac2864005a.html

If you have any suggestion how to fix this issue I would be very thankful.

Kind regards,

Jonas

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member314353
Explorer
‎04-06-2017 1:17 PM
0 Kudos

I figured out that this error is caused due to the configuration of the Identity Provider.

The IDP sends the user Id instead of the E-Mail address as the name id.

To fix this issue you need to get in contact with your identit provider administrator and ask him to change the settings accordingly.

Show replies
Show replies
jimmycat
Explorer
‎08-23-2017 4:53 PM
0 Kudos

hum, how did you fix it then? Thanks!

Ask a Question