on 12-21-2018 8:47 AM
Hi All, I got a requirement where i need to POST Data using x-csrf-token value coming from HCI Application .
My Technical Flow looks like below..
POSTMAN ---API---SAP CPI ---S/4 HANA Odata Service
When i am trying to fetch the x-csrf-token value using below End point URL by GET Method
https://<APIHostName>:<port>/v1/ContractReplication/SalesContractSet
I got 200 response with x-csrf-token value.
When i use the above x-csrf-token value for POST Method on same URL, i am getting 403 forbidden error. Please help me out how to fetch the proper x-csrf-token value using API Tool.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
X-CSRF-Token is a non-standard header field, you will need to manually assign it within POSTMAN if you are directly engaging with a CSRF enabled system.
For utilizing API Management to maintain the CSRF token, it is recommended that you persist the token information in a short-lived cache in order to avoid repeated requests, however you will need to ensure the Cache does not outlive the token lifetime. When used in conjunction with CPI you must ensure that CPI is configured in a way to handle the token and cookie information passed by the request (in this case APIM) else you may find that the disjoint of information causes the CSRF Token to be mishandled by the backend.
Hello Uday,
I managed to have a service call out operation in API to fetch the csrf token and extracted the cookie and the token from the response of the service call out and set the same to the request attributes for the post request. So, technically, it will be only one request from the sender and the API makes to calls in the same API to fetch the token and update using the same token if the HTTP request verb is POST.
POSTMAN -> API (fetch token and set the token & Cookie) -> CPI -> S/4 HANA.
But, in my case, it is working sometimes and sometimes not. I'm struggling to understand where is it going wrong. If you managed to solve your problem in a different way, please share the solution. Thanks.
Regards,
Anil Kumar VEEPURI
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.