Skip to Content

Time-Series Changepoint Detection: Failed to resolve API Key. What is wrong?

Hello there,

I am trying to use the Time-Series Changepoint Detection from the SAP API Business Hub:

First I followed this tutorial (I have set the destination in the SCP of course.):

It includes the ajax request:

    headers: {
        'Accept': 'application/json',
	'APIKey': APIKey
    url: url,
    type: "POST",
    data: $.param({
        "options": "{\"separator\":\"" + oView.getModel("cpapi").getProperty("/options/separator") + "\", \"series_separator\":\"" + oView.getModel("cpapi").getProperty("/options/series_separator") + "\"}",
        "texts": text
    async: false,
    success: function(data) {//not important bc request fails},
    error: function(request, status, error) {"Caught2 - [ajax error] :" + request.responseText);

APIKey, url and text are Strings. The responseText is: {"fault":{"faultstring":"Failed to resolve API Key variable request.header.apikey","detail":{"errorcode":"steps.oauth.v2.FailedToResolveAPIKey"}}}

This error usually occurs when the server can not find the API Key in the request. But why? I tried an other way using XMLHttpRequest:

var url = "/ml/ml/changepointdetection/inference_sync";
var myText = this.getView().byId("testText");
var options = new FormData();
var data = new FormData();
options.append("seperator", ",");
options.append("series_seperator", "#");
data.append("options", options);
//Optional parameters
data.append("texts", "-90.19,62.67,-22.85");
var xhr = new XMLHttpRequest();
xhr.withCredentials = false;
xhr.addEventListener("readystatechange", function () {
    if (this.readyState === this.DONE) {
//setting request method
//API endpoint for API sandbox"POST", url);
//adding request headers
xhr.setRequestHeader("Accept", "application/json");
//API Key for API Sandbox
xhr.setRequestHeader("APIKey", "<Sandbox APIKey>");		
//sending request

The same error as above occurs. I would appreciate any help. I am struggling with this for weeks. If you need me to provide more of my code or any other further information, please tell me.

Cheers, Niclas

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Jan 03, 2018 at 05:17 PM

    Hi Nicolas,

    Are you doing SSL handshake as well? All APIs in SAP Business Hub use HTTPS protocol. So you need to make sure your JavaScript code is running on a browser that trusts the SAP Cloud Certificates. Also, you need to be logged in to be able to call this end-point. If you already have a SAML token, try forwarding it to the API together with the APIKey or make sure the app is deployed on SAP Cloud Platform and that you are already logged on before you call the page that contains the ajax call.


    Add comment
    10|10000 characters needed characters exceeded

    • Hi Ivan,

      thank you very much for your answer! So how can I check if I am doing the "SSL handshake"? I am logged in with my SAP account and there is an authentication process starting my SAPUI5 App. The url of my SAPUI5 App as well starts with "https" and the browser says that the certificate is valid. How can I find out what is my SAML token? You would recommend sending it in the header of my request? What would be the correct keyword?

      I deployed the App to SAP Cloud Platform to try starting it from there but the same errors occurred.

      By the way this is my destination I am using. I tried several authentication methods

      Best Regards,

      mldestination.png (51.4 kB)
  • Jan 04, 2018 at 01:06 PM

    Hi Niclas,

    Now it is more clear what you are trying to accomplish here with the API call

    I believe what you need is the AppToApp authentication on your destination. Since your destination is marked as NoAuthentication what happens is that when your SAPUI5 calls this destination it doesn't forward any of the session cookies which in turn makes your call "unauthorized". So your JavaScript probably not checking the HTTP return code, since SCP will never issue an HTTP response 401. The reason behind this is that SCP will present an authentication form instead of proceeding to the real address. Thus, the response will most likely be 200. There is an excellent blog on this subject and there the destination is using AppToAppSSO.


    Add comment
    10|10000 characters needed characters exceeded