Skip to Content
0
Jul 24, 2018 at 06:07 PM

What does SAML REQUEST look like when using SAP PI configured as an "Identity Provider"?

155 Views Last edit Aug 01, 2018 at 12:07 PM 2 rev

Hi there,

I am in a very frustrating situation where I would like get an oauth 2.0 token from a SAP ECC system.

Take note that I am wanting this to be ultimately "machine to machine" integration without any browser interaction at all.

To do this I am wanting to POST data to the following URL (url encoded):

https://<server>/sap/bc/sec/oauth2/token

The client id etc is all setup on ECC and the OData service is "oauth enabled"

The issue is the SAML assertion that is required:

client_id=<client_id>≻ope=<scope>&grant_type=urn:ietf:params:oauth:grant-type:saml2-bearer&assertion=<my_Assertion>

So I went away and configured SAP PI to be an "identity provider" so that at least I had a valid place to *hopefully* get valid SAML assertion responses that I could bundle up and use in my oauth 2.0 token request.

Assuming I have my understanding above correct, how can I us a tool like postman / soapui to get a SAML response from my SAP PI identity provider? I literally need to see the exact POST stream byte for byte so that I can replicate that in code.

Any help would be hugely appreciated.

Thanks

Lynton