on 07-17-2018 11:51 PM
Hi,
I want to call the URL https://bpmrulesruntimerules-XXXX.hana.ondemand.com/rules-service/v1/rules/invoke?rule_service_name=... within postman via post. Header has two keys: X-CSRF-Token (fetched with first call) and Content-Type (application/json).
As result I get:
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no, shrink-to-fit=no"> <meta http-equiv="pragma" content="no-cache" /> </head> <body style="background-color:#FFFFFF" onload="var url=window.location.hash;if(url&&0!==url.length){var anchorCookie='oucrsrcmlaexnzkotbxsjsdis_anchor="'+encodeURIComponent(url)+'"';document.cookie=anchorCookie}document.forms[0].submit()"> <p> <script language="javascript">document.write("Please wait ...");</script> </p> <noscript> <p>Note: Your browser does not support JavaScript or it is turned off. Press the button to proceed.</p> </noscript> <form method="post" action="https://XXXXXX.accounts.ondemand.com/saml2/idp/sso/XXXXXX.accounts.ondemand.com"> <input type="hidden" name="SAMLRequest" value="PEF1dGhuUmVxdWVzdCB4bWxucz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiB4bWxuczpuczI9InVybjpvYXNpczpuYW1lczp0Yzp
Is there something special I need to configure in the IdP ?
@muralidaran.shanmugham2, archana.shukla do you have an idea?
Thanks, Sascha
Hi Sascha,
in addition to the Headers:
X-CSRF-Token (fetched with first call)
Content-Type (application/json)
you still have to send the Basic Authentication Authorization header with your SCP Username & Password. The CSRF should not be mixed up with a i.e OAuth Bearer Token.
Best regards
Gregor
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi again Sacha - there's a couple of things. First, the URL structure for invocation that you have is the "old" version. The new one looks like this (see the info in the API hub here: https://api.sap.com/api/SAP_CP_BusinessRules_Runtime):
https://bpmrulesruntimebpm-XXXXXX.hana.ondemand.com/rules-service/rest/v1/rule-services/java/<projec...;
The second thing is more speculative. It's hard to tell from the context that you supply, but I'm guessing what you have might be the result of not contextualising the CSRF token you've received. Have a look at this answer (and reference to a post I wrote that mentions cookies in the context of CSRF tokens) here: https://answers.sap.com/questions/563171/why-the-business-rules-invoke-rule-service-need-co.html?chi... and perhaps that will help.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi gentlemen,
I'm experiencing the same issue when I use the API directly on API Business Hub whereas it's working with postman.
Using API business Hub, Authentification et Authorization are configured when I defined the environment on which one I want to work.
Thanks in advance for your support,
Guillaume
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks a lot for your answers. We just had an awesome session with @gregorw and he solved the problems and showed us how to invoke the service. Kind regards, Sascha
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
91 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.