Skip to Content
0

NW 7.5 PI REST Adapter X-CSRF-Token

Oct 12, 2016 at 01:36 AM

379

avatar image
Former Member

We are using the NW PI 7.5 REST adapter with POST method for IDM v2 API's. These API's require X-CSRF-Token to be passed as a parameter. So currently we do a get, token come back in the dynamic header, parse that out, then pass it to the POST.

The issue is the POST is a different session and therefore requires a new token, so we get a 403 Forbidden. Is there a way to issue a GET during the POST for the X-CSRF-Token similar to how OAUTH works with the REST adapter?

I have seen some posts that refer to passing a cookie that references the token during the get, but I am not sure how that is done.

Thanks, Andrew

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

3 Answers

avatar image
Former Member
Aug 10, 2017 at 01:07 PM
1

Hello Andrew and Vikas,

With the patch given in SAP Note 2461114 the new feature of cookie handling in REST adapter is provided.

Best regards,
Vadym

Show 1 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Thanks Vadym, we have implemented a solution through ABAP, but we will try the new module parameter to see if it resolves the problem.

1
Vikas Kumar Singh Aug 10, 2017 at 06:55 AM
0

Having the same issue. Doing GET in udf to fetch x-csrf and then passing it to header of POST in rest receiver channel. As the session is different then getting 403 forbidden.

Is there a way in PI to maintain cookie or set x-csrf authorization.

Regards,

Vikas

Show 1 Share
10 |10000 characters needed characters left characters exceeded

Hi,

Did you manage to achieve this? We have the same problem..

And one more question maybe, to do a GET in an UDF, did you use the SystemAccessor and LookupService with a communication channel like normal REST lookup? If yes, how did you access the Header level of the response? Is this even possible?

Thanks in advance,

Andreea Mutascu

0
avatar image
Former Member Aug 10, 2017 at 01:23 PM
0

Hi,

I guess the note suggested by Vadym should resolve your issue.

You can have a look in the newly added feature in REST adapter - OAuth 2.0 Grant type Flow as well.

Thanks,

Apu

Share
10 |10000 characters needed characters left characters exceeded