cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to authenticate Cloud Platform API

Go to solution
tobias_mitter2
Explorer

on ‎03-17-2020 6:52 AM

Hello,

we want to use the cloud foundry platform api (http://v3-apidocs.cloudfoundry.org/version/3.81.0/index.html) to do some automation.

The API is OAuth2 protected. In order to authenticate, we would need to create an oauth client and use the credentials to get a token. We did not find any way to do that.

How can we access the api?

There is one way for testing we found, as according to the cloud foundry documentation you can get an oauth token with the CLI command "cf oauth-token". That is the only way we found to actually being able to call the api, but this is only ok for some quick testing, but for a live scenario we need a REST way to get a token.

Cloud Foundry documentation describes some way to create a client, but this does not work on SAP Cloud Foundry, as we don't have access to tools and infrastructure.

Thanks and regards,

Tobias

Show replies
Show replies
gregorw
Active Contributor
‎03-24-2020 8:26 AM
0 Kudos

Perhaps you can describe better what "some automation" means in detail. Because there is a way to retrieve the Audit Logs using an API for the Cloud Foundry Environment.

Answer
View Entire Topic
mike_zaschka
Active Participant
‎01-11-2022 12:25 PM

With the help of SAP:

The CF Cloud Controller API is currently not connected to XSUAA and thus it is not possible to obtain a token from there. Instead you have to directly call the CF UAA service and use a valid user (no service key) and the following parameters. You should then get a valid token with cloud_controller.read and cloud_controller.write scopes.

Endpoint

https://login.cf.eu20.hana.ondemand.com/oauth/token (BTP region dependent)

Basic Authentication
user: cf
password: (empty - no password)

Parameters:

username: <BTP user email>
password: <BTP user password>
client_id: cf
grant_type: password
response_type: token

An example CURL call:

curl -v -XPOST -H"Application/json" -u "cf:" --data "username=<BTP user email>&password=<myPassword>&client_id=cf&grant_type=password&response_type=token" https://login.cf.eu20.hana.ondemand.com/oauth/token
Show replies
Show replies
danfqa
Explorer
‎09-21-2023 2:39 PM
0 Kudos

Hello Mike! Could you please inform me about the CF User and where I can locate it? From what I gather, it's distinct from the BTP Cockpit user email. Also, how can I obtain the CF client_id? I'm attempting to execute the CURL example call on CF CLI, but I'm encountering an unauthorized error. Thanks for your assistance!

Ask a Question