03-23-2018 10:20 AM - edited 02-04-2024 3:55 AM
Hi,
I am trying to Configuring SAML Trust between Neo Environment and Cloud Foundry Environment. I have done all the steps as per SAP's document(SAP IoT Application Enablement Reuse Controls and Templates)(Document Version: 1.43.0 – 2017-11-03). But while accessing the SAP Web IDE, i am gettting error as shown in below screen shot:
Note: My Cloud foundry environment is on different account and Neo environment is on different account.
I am able to fetch the time series data from IoT 4.0 with Postman.
Thanks,
Abhishek
Hi,
Can you show me how your authentication endpoint in the destinations looks like?
Recently there was the following announcement for the trust configuration between Application Enablement and Neo:
"Dear customers, There is an ACTION REQUIRED for IOT AE users of WebIDE before 15.02.2018: If you are creating IOT applications via the Web IDE, you need to apply some changes in the destination set up as described in the attached document and video. The reason behind this is that there was a change in the XSUAA that was announced at 23.11.2017 with the CF release note regarding Security: https://help.sap.com/viewer/cafc710a2446438abafad188be02bb59/Cloud/en-US/d51c12839e4549d19e53e01bc69.... This change is required to support better our Multi Cloud strategy which has been announced with the following link: https://news.sap.com/sap-cloud-platform-goes-multi-cloud-with-cloud-foundry/ If you do not change the destination links, your applications will not work any more after 15.02.2018. Customers who will receive their welcome mail starting from tomorrow (06.02.2018) should already get the updated link versions. You also do not need to wait until 15.02. to apply the changes, but you can apply them directly. Everything should be working fine in a seamless way. Best regards IOT AE Developer Experience Team"
Regards
Jan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Jan,
Thanks for your reply.
PFA authentication endpoint in the destinations.
Please note that, my cloud foundry is on different subaccount and neo is on different subaccount.
Thanks,
Abhishek
Hi Abhishek,
The destination configuration is wrong. Please have a look into the current version of the Application Enablement documentation and configure the destinations accordingly with OAuth2SAMLBearerAssertion.
Regards
Jan
Hi Jan,
As per your above comment, i have configured my destination with OAuth2SAMLBearerAssertion. Now, I am getting the response code as attached in connection.png screen shot.
Also, i am attaching screen shot of my code, using that i am trying to consume the service.
while running the code i am getting "401- Unauthorized" error.
Thanks,
Abhishek
Hi Jan,
We have already configured all these things(Application Enablement, IoT service cockpit, SAP Web IDE Full stack) and we are able to get live data as well at my Web IDE application.
Now, we are trying to configure the existing cloud foundry to other neo account to consume the IoT service as shown in below screen shot.(Blue line indicates that, the REST API of IoT 4.0 to be consumed in other neo account)
Using this link ( https://www.sap.com/developer/tutorials/iotae-api-postman.html ) i have followed all the steps and retrieved below service:
https://tenant-name.iot-sap.cfapps.eu10.hana.ondemand.com/appiot-mds/Things('0F4DFD27CB3743E19E060B93B5F25677')/iot.shared.fd4iotpackage:Fd4IoT_ThingType/FD4_MQTT_Device?timerange=3M
Now, I am trying to consume this service in other neo account Web IDE to show the time series data. But i am getting errors as discussed in earlier discussion.
Please do let me know if any clarification is required.
Thanks,
Abhishek
Hi,
Yes, that helped me to understand your problem. So, your second Neo account doesn't have a trust connection to Application Enablement and therefore you tried to connect using basic authentication. But Application Enablement doesn't support basic authentication.
You have to possibilities:
Regards
Jan
[1] https://blogs.sap.com/2017/10/13/access-the-sap-iot-application-enablement-apis-using-postman/
Hi Jan,
Thanks for your quick reply.
can you help me in the same.
2. Thanks for your detailed blog. I will try to go through the same and will let you know.
Thanks,
Abhishek
Hi,
It is not possible to establish trust between a Trial Account and Application Enablement, because you can't do change the identity provider for your trial account [1]. So you have to use option 2. or you have to change your architectur and deploy your app to the Neo account with the connection and consum the other services from there.
Regards
Jan
Hi Jan,
Thanks for your continuous support.I am trying with this https://blogs.sap.com/2017/10/13/access-the-sap-iot-application-enablement-apis-using-postman/ blog. but i am getting error as "Unauthorized". PFA screen shot for your reference.
I don't know whether i am missing anything and which credentials do i need to put over here to over come this unauthorized error ?
Thanks,
Abhishek
User | Count |
---|---|
78 | |
9 | |
8 | |
6 | |
6 | |
6 | |
6 | |
6 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.