on 05-08-2018 2:36 PM
Hi there!
I am trying to access an oData service of Hybris Marketing in the following URL, using Chrome as browser (it is a GET).
https://myxxxxxx-api.s4hana.ondemand.com/sap/opu/odata/sap/CUAN_IMPORT_SRV/$metadata
That URL changes automatically to:
https://asmxxxxxx.accounts.ondemand.com/saml2/idp/sso/asmxxxxxx.accounts.ondemand.com
This new URL ask for log on. However, if I try to log on with a communication user it gives me a log on error message.
Moreover, I tried with a business user, however I am getting the following error after the log on.
SAML2 service not accessible
What has happened?
Calling of URL https://myxxxxxx.s4hana.ondemand.co was terminated during SAML2 processing
Does someone know why this is happening? Why I cannot access the oData URL in Chrome? I have tried in the Postman, but without success either.
Here are some links that I based to do this oData, that maybe helpful finding the issue..
Import of Data Using OData Service CUAN_IMPORT_SRV
Import Using OData Service CUAN_IMPORT_SRV pg 26
Facebook Pages, Google+, and Twitter pg 21
Optimizing Performance During OData Service Calls
Set up the communication user on the SAP Hybris Marketing Cloud system
Thanks in advance
Marlos Damasceno
Hi,
Can you please put "saml2=disabled" at the end of URL and then try to log in using your communication user?
https://my30XXXXX.s4hana.ondemand.com/sap/opu/odata/sap/CUAN_IMPORT_SRV/$metadata?saml2=disabled
Thanks
Saurabh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Marios,
Actually if you do not use "saml2=disbaled" then system actually route network to IDP and hence trying to authenticate via IDP and not by marketing cloud.Hence the SAML2 error you face since the trust is not established. Moreover only business user are mapped at IDP not technical.
But when making you call via browser for APIs you have to use saml2=disabled and then only it gives you marketing authentication pop up and not the one from IDP. So basically with this additional param you are bypassing IDP.
Hope it clarifies your doubt!
Thanks
Saurabh
Hi Saurabh,
I have tried using the "saml2=disbaled" clause but after that I receive the following error message every time:
{"fault":{"faultstring":"Unsupported Encoding \"br\"","detail":{"errorcode":"protocol.http.UnsupportedEncoding"}}}
Do you know how can I solve this problem also?
Best Regards,
Mihai Dipsan
thank you very much for your answers Saurabh, I just figured that I find myself in a bit different constellation.
By calling the OData API directly from Hybris it works (with the additional clause saml2=disable).
However in my case I want to implement the API in SAP API Management (I am using the best practice proposed by SAP in SAP API Business Hub) and that's why I receive the above error.
It's strange because when I call the API from SAP API Management the only thing being changed is the domain. But the API Management domain should successfully replace the Hybris domain (it's basically just a mapping after all).
But unfortunately it doesn't work. I get the above error.
Would you happen to know what exactly causes this behaviour in SAP API Management or where should I address the problem?
I tested a whole bunch of Hybris API's this way and it seems the problem happens every time, no matter which API I choose.
Best Regards,
Mihai
A few years later but I stumbled across this issue while looking to fix a similar situation for another customer. The issue of {"fault":{"faultstring":"Unsupported Encoding \"br\"","detail":{"errorcode":"protocol.http.UnsupportedEncoding"}}}
is caused by Brotil encoded response which is not supported in API Management. The fix is to send a request with header Accept-Encoding with value gzip,deflate. You can additionally create a policy within API management Assign Message to automatically force this header as well.
Regards,
Elijah
I Have the same issue! Did you find please the solution ?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
5 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.