Skip to Content

We are using SAP FIORI CLIENT with SMP3.0 but getting 'No CSRF token stored in session'

Hello All,

We are using custom SAP FIORI CLIENT with SMP3.0 . The application is getting authenticated with azure idp using saml and for backend authentication it used SSO mechanism.

Results -

1. application is getting registered in the SMP.

2. The ticket is getting generated for authentication in gateway, but getting the below error in smp - No csrf token stored in session for request with method [GET] and URI [/odata/applications/v4/<app_name>/$metadata].

Attaching the screen shot of the application setup in smp.

Please do have a look and give us some clue of what should be the issue.



Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Dec 11, 2017 at 02:17 PM
        fiori_client_appConfig = {
            "appID": "<appId>",
            "fioriURLIsSMP": true,
    				"": "",
    				"": "/SAMLAuthLauncher",
    				"": "finishEndpointParam"	
            "multiUser": false,
             "certificate": "",
             "autoSelectSingleCert": false,
             "communicatorId" : "REST",
             "passcodePolicy":  {
            "keysize": "",
            "idpLogonURL": "",
            "privacyPolicies": [
                {"id": "mycompany", "label": "<company name>", "url": "<company url>", "lastUpdated": "2016-11-21T00:00"}
            // Customization options for the Logon screens, uncomment to use
             * backgroundImage - Path to the background image used for logon screens
            "backgroundImage": "img/background.jpg",
             * styleSheet - Path to the css file used for logon screens
            "styleSheet": "../../../custom.css",
             * hideLogoCopyright - Boolean value to hide the logo and copyright text in the footer of logon screens
            "hideLogoCopyright": false,
             * copyrightLogo - Path to the logo image in the footer
            "copyrightLogo": "img/sapLogo.png",
             * copyrightMsg - An array of 2 strings to specify 2 lines of copyright text in the footer
            "copyrightMsg": ["<company name>.", "All rights reserved."],
             * disablePasscode - Boolean value to disable the passcode screen
             * Note this value should not be set when multi-user support is enabled.
            //"disablePasscode": false,
             * allowSavingFormCredentials - boolean value whether the user will be given an option to
             * save their credentials when using form authentication.  Defaults to false.
            "allowSavingFormCredentials": true,
             * enableCacheManager - Boolean value to enable/disable the CacheManager plugin.  The
             * default value is true.
            //"enableCacheManager": false,
    Add comment
    10|10000 characters needed characters exceeded