cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Why can't I get a X-CRSF-Token from rules and workflow runtime?

Go to solution
former_member560092
Explorer

on ‎07-05-2018 4:25 PM

0 Kudos

Hi everyone,

By working through the second part of the great blog series of sharadha.k about IoT Prototype with Business Rules and Workflow i was hitting the problem that I'm not able to fetch the X-CRSF-Token.

My response just sending me an 503 error back. Is it an internal error or do I forgot something to do?

Hoping anyone knows a solution!

best regards,

Kai

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Sharadha1
Active Contributor
‎07-05-2018 9:27 PM
0 Kudos

Kai,

I too got a similar error when I tested in the non-trial environment but managed to find the cause. I used the URL below and got response as 200 and got the XSRF token too.

https://bpmrulesruntimerules-xxxxxx.hana.ondemand.com/rules-service/v1/rules/xsrf-token

I got the url (first part) from the URL mentioned under connectivity services -> destination ->bpmrulesruntime . If you notice closely the term 'rules' appear twice once before the runtime and once after. I guess you can try with the same URL or check and confirm once in your destinations.

Hope this helps. Let me know if it works.

- Sharadha

Show replies
Show replies

Answers (8)

Answers (8)

gregorw
Active Contributor
‎07-05-2018 8:43 PM

Please check out the SAP Cloud Platform Business Rules Execution API it seems that the path to fetch the token has changed to:

/v1/rules/xsrf-token

Show replies
Show replies
qmacro
Developer Advocate
Developer Advocate
‎07-06-2018 9:20 AM
0 Kudos

I'm not sure it changed, in my (rusty) memory it was always /v1/rules/xsrf-token, tho I could be mistaken!

former_member611663
Explorer
‎05-21-2019 5:43 AM
0 Kudos

Hi Experts,

I am having a POST problem when attempting to call the subsequent ajax call after obtaining the X-CSRF-Token.

When performing the same on Postman it worked but not from Custom SAPUI5 application deployed on SCP.

1. PostMan (Business Rules Posting) - stranger thing is, it is still using the old format when invoke the post rules which is https://bpmrulesruntimerules-c6d698ada.ap1.hana.ondemand.com/rules-service/v1/rules/invoke?rule_serv...

When performing the same from SAPUI5 i am getting the following error, see below attached images - with the new URL format /bpmrulesruntime/rules-service/rest/v1/rule-services/java/SE_GSL/GSLRuleService.

This is the neo-app.json setting.

Performing the same with the URL format.

Show replies
Show replies
pjcools
Active Contributor
‎06-11-2019 11:59 AM
0 Kudos

Hi Ramon

I would log this as a separate request if I were you as this question has already been answered. This is a legitimate question as I too am having issues generating the X-CSRF-Token's and I believe it relates to the API's being modified.

https://api.sap.com/api/SAP_CP_BusinessRules_Runtime_V2/resource

When I look at the previous API's they are stating DEPRECATED as the Status. I currently cannot generate a token using the V1 API's nor the V2 API's so I would suggest opening another question like I did here

https://answers.sap.com/questions/12708781/apis-to-utilise-for-sap-cloud-platform-business-ru.html

Thanks & Regards

Phil Cooley

former_member27293
Explorer
‎03-05-2019 9:03 AM
0 Kudos

Hi,

I manage tot get the X-CSRF token, need to specify a fetch in the header parameter.

Show replies
Show replies
former_member27293
Explorer
‎03-05-2019 8:58 AM
0 Kudos

Hi Experts,

I have done the same above, attempting to obtain X-CSRF-Token. The call was made successfully with status code 200 Ok.

Nothing was returned in both response cookies and response headers.

Show replies
Show replies
Archana
Product and Topic Expert
Product and Topic Expert
‎07-12-2018 11:50 AM
0 Kudos

The URL you use is not correct. Please follow the API documentation from here:

https://api.sap.com/api/SAP_CP_BusinessRules_Runtime

Get XSRF Token: /v1/rules/xsrf-token
Post the rule service: /rest/v1/rule-services/java/{projectName}/{ruleserviceName}

403 forbidden comes when the token expires.

Instead of using REST Client, you can also use API Business Hub to test the rules.
https://api.sap.com/api/SAP_CP_BusinessRules_Runtime

  • Open the URL
  • Logon
  • Configure Environment
  • Select the API, fill in the parameters value
  • Click on Try out button

Hope that helps,

Archana

Show replies
Show replies
former_member560092
Explorer
‎07-18-2018 7:39 AM
0 Kudos

Hi Archana,

Thank you for your reply!

I've tried it both ways but always got the same result.

best regards,

Kai

former_member560092
Explorer
‎07-11-2018 2:31 PM
0 Kudos

Hi

I've got another problem based on this.

Now I get the token but when I post it I get the response that it's still required and a 403 forbidden status.

Do anyone know how to fix this?

best regards Kai

Show replies
Show replies
former_member560092
Explorer
‎07-06-2018 1:52 PM
0 Kudos

Hi Everyone again,

Thank you for your fast reply!!

First I used the chrome version of postman and there I tried it with different kinds of the URL of course also with the false URL in the screenshot. But I still just got 503 and no Token.

Now I've tried it with a newer Version of Postman and I've got a 403 response but with X-CRSF-Token.

So I think it wasn't just the wrong URL.

Thank You again for your support!

Best regards,

Kai

Show replies
Show replies
Sesh_Sreenivas
Product and Topic Expert
Product and Topic Expert
‎07-06-2018 12:42 PM
0 Kudos

Hello Kai,

Please check the service URL. The URL to be used is /rules-service/v1/rules/xsrf-token, while you have used /rule-service/v1/rules/xsrf-token.

The 503 (service unavailable) error is encountered when the bpmrulesruntime URL is incorrect. Please verify if you are using the correct host. Go to SAP Cloud Platform Cockpit, go to connectivity -> destinations and select the destination bpmrulesruntime. Copy the URL maintained in the destination.

The URL to get XSRF token would be <url copied from cockpit>/rules-service/v1/rules/xsrf-token

Regards,

Sesh

Show replies
Show replies
Ask a Question