Skip to Content

SCP Workflow Service Task - Headers

Hi,

I would like to consume an oData service from within my SCP Workflow. For this purpose, I have made the necessary destination configurations and added the associated values in the workflow's "Service Task properties".

I don't see any placeholders for the oData service request headers such as "X-Requested-With","Content-Type", "Accept" etc. Where should these be configured?

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Apr 04 at 07:12 AM

    In addition to Tobias Breyer 's answer, I wanted to add a small point. If you're wanting to consume the OData service "simply as a set of REST-informed JSON resources" (not unheard of), you can always use the OData query parameter $format=json to ensure you get JSON back, in addition to the content-negotiation header you already mentioned. Just a thought.

    Add comment
    10|10000 characters needed characters exceeded

  • Apr 04 at 06:37 AM

    Hi Kavya,

    specifying headers is currently not possible. You would have to add them by other means, such as building a wrapper service or using middleware like Cloud Platform Integration.

    Additionally, the headers Content-Type and Accept are not of much use, because service tasks in Cloud Platform Workflow are generally only meant for JSON-based REST services, i.e. the runtime engine already sets Content-Type and Accept to application/json.

    From the "X-Requested-With" header I guess that you might want to disable CSRF-protection (see https://help.sap.com/viewer/68bf513362174d54b58cddec28794093/7.4.19/en-US/b35c22518bc72214e10000000a44176d.html). I wonder why you try to do this. Doesn't the built-in CSRF-token handling help you in setting the CSRF headers? See the help section on service tasks at

    https://help.sap.com/viewer/f85276c5069a429fa37d1cd352785c25/Cloud/en-US/a8a6267f537841fbb22c159ba2af8835.html

    Best regards,

    Tobias

    Add comment
    10|10000 characters needed characters exceeded

  • Apr 04 at 01:08 PM

    Hi Tobias, DJ Adams,

    Thanks for the information. I can certainly do away with the Content-Type and Accept headers.

    The service that I am trying to consume is pretty old and I honestly have no idea as to why it expects the X-Requested-With header as a mandatory field. I have checked around to see if there is any CSRF token generation for these entity sets in place, but there is no such configuration either.

    I could see in the link shared by you that the CSRF token check can be switched to use Compatibility Mode for SP02 protection mechanism at SAP CRM level, but this is something that'll have to be done at the sub-node level such as "/sap/opu/sdata/sap" thereby affecting every service within it. I am not well-versed with SAP CRM (the system I am trying to connect to via oData services) to be able to call the shots on it.

    So currently the X-Requested-With header is what I will have to work with. Is there any ideal way to proceed with this, or do you have any recommendations w.r.t configurations that can be made at CRM end?

    Regards,

    Kavya

    Add comment
    10|10000 characters needed characters exceeded