Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to use Postman to call SuccessFactors API using OAuth authentication method and SAP Offline SAML Assertion generator.

Wes_Ancog
Explorer
‎02-02-2023 1:20 AM

How to use Postman to call SuccessFactors API using OAuth authentication method.


Introduction:



With the upcoming removal of basic authentication on November 20, 2026, it’s important to start using OAuth as your go-to authentication method for new integration scenarios. This tutorial will guide you through the process of using OAuth authentication method on Postman, a highly valuable tool for integration development.




Reference: https://help.sap.com/docs/SAP_SUCCESSFACTORS_RELEASE_INFORMATION/8e0d540f96474717bbf18df51e54e522/fc...


 

Additionally, with Deprecation of OAuth IdP API /oauth/idp, we need to use other way to generate SAML assertions. In this tutorial we will use the SAP provided offline SAML assertion generator tool


 

Reference:

https://launchpad.support.sap.com/#/notes/3239495

 

This tutorial was created by combining information from various sources and personal experiences. Let’s get started!

 

Prerequisites:


Familiarity with Postman, SuccessFactors, and Windows OS.


A client has been registered already in SuccessFactors:



Application registered in SuccessFactors

Step-by-Step instructions:


 

  1. Download Apache Maven from binary files from https://maven.apache.org/download.cgi



Once downloaded, go to your downloads folder and move the file to a more secure folder. For example, I have placed mine in a folder I created on my desktop (C:\Users\HPX360\Desktop\Tutorial).




Extract the zip file.




 

 

 

2. Download and install Java JDK.


Do a google search for “Java JDK downloads”, since the URL depends on where you're from.





Click the Windows Tab and download the x64 Installer.


Go to your downloads folder and install it.




Take note of the installation folder (C:\Program Files\Java\jdk-19)




 

 

3. Set up Environment Variables on your Machine.


Use the search bar beside the windows button and search for “environment”




From the result, choose “Edit the system environment variables”




Click Environment Variables…




Add the JAVA_HOME variable on the user and system variables by clicking the New button




Variable name: JAVA_HOME


Variable value: installation folder of Java JDK you downloaded earlier.



User Variable

Add the same values to the system variable.



System Variable

Add your Maven folder location to the Path variable of your machine.


To know the folder location address, in our example, we can go to the folder then right-click on the top part, and click copy address as text.


Example: C:\Users\HPX360\Desktop\Tutorial\apache-maven-3.8.7




In my machine, there is already a Path variable so I just click Edit and then click New then add the maven directory to both user and system variables.




Click OK and another OK to save the variables


 

 

3. Download and extract the SAP Provided SAML Generation tool


https://launchpad.support.sap.com/#/notes/3031657




Save it in the tutorial folder and extract the zip file.




 

4. Set up SAML assertion SAP offline tool.


Inside the folder you extracted earlier, open the SAMLAssertion.Properties file via the notepad editor of your choice.





Change the properties on the file with the ones from your SuccessFactors Tenant and save the file.


tokenUrl = https://<Tenant API URL>/oauth/token


clientID = API Key from the registered client in SuccessFactors


userId = User ID used by the registered client in SuccessFactors


userName = leave it as it is


privateKey = Use the private key you uploaded when you register your client in Successfactors or for this example, we will use the private key we generate from Successfactors.



 
Sample File

5. Generate SAML assertion using the SAP offline tool.


Open a command prompt from the search button then click Command Prompt App





Enter cd <<folder where you extracted the SAML offline tool>> then hit Enter.


Example:



Location of the SAML offline tool you downloaded earlier

Sample command

Once you hit enter, the current directory will change and you will see a new line like the one above.

Enter the command: mvn compile exec:java -Dexec.args=”SAMLAssertion.properties” and hit Enter



Sample Command

If all steps were setup correctly then you should get an output like the one below:



Highlighted text is the generated Assertion. Copy and save it.

Copy and paste the generated Assertion on something like a notepad.


 

 

6. Postman Setup and API test call


Use the assertion we generated earlier to get the SuccessFactors token.


Make a POST request to https://<Tenant API URL>/oauth/token


Go to Body tab choose raw and enter the value company_id=<SuccessFactors Company Id>&client_id=<SuccessFactors API Key>&grant_type=urn:ietf:params:oauth:grant-type:saml2-bearer&assertion=<Assertion we generated earlier>



Sample POST request.

You will get the token as response. Copy this token.



Token will be received from the response. Copy the token.

Create a get request. Use any API call that you usually use for testing.


Go to Headers then add “Authorization” in the Key with value:


Bearer <token we got from the POST response>




Hit send to do the GET request and you will get the desired result. 🙂




 

Remember that the assertion has an expiry and once expired you need to repeat steps #5 and 6 again.

That’s it for this tutorial! I hope you found it helpful and informative. If you have any questions or need further clarification, please feel free to ask. Your feedback is greatly appreciated! Thank you for your time! Give me an applaud below if you liked this tutorial! ☺

20 Comments
former_member98714
Newcomer
‎02-06-2023 3:35 PM
0 Kudos
I got this error when generating the saml assertion. is there any step that I miss?
Fail to generate SAML Assertion due to java.security.InvalidKeyException: IOException : DerValue.getBigIntegerInternal, not expected 48
Wes_Ancog
Explorer
‎02-06-2023 7:55 PM
0 Kudos

Can you verify the completeness of the private key obtained from SuccessFactors to ensure that no characters have been omitted?

FrankKrause
Participant
‎03-28-2023 10:26 AM
The issue is that you may have used the "Certificate" instead of the "Encrypted Private Key". When reading the guide its kind of misleading in step 4 with the SuccessFactors screenshot "View an existing OAuth Client Application".
Wes_Ancog
Explorer
‎04-04-2023 12:30 AM
Thanks! I have corrected this.
former_member147735
Employee
Employee
‎04-17-2023 6:05 PM
0 Kudos
Hi all,

i have the same problem.

I used in the SAML Assertion.properties file:

tokenUrl=https://apisalesdemo2.successfactors.eu/oauth/token
clientId= <API Key>
userId=
#userName will only be considered when userId is null/empty.
userName=
privateKey= <*X.509 Certificate>

It's correct?

Where can I retrieve the private key in SFSF?


Manage OAuth2 Client Applications - In SFSF


Thanks in advance

Raffaella Baroni
former_member154628
Explorer
‎04-28-2023 5:30 AM
0 Kudos 
Hii oshmkufahsa,

 

I am getting the below error 415 Unsupported MediaType when I call through postman for a token.

 

Please help me to resolve this error.

 

Thanks

Shivam

Wes_Ancog
Explorer
‎05-14-2023 3:17 AM
0 Kudos

Hi Raffaella,

The private key will be only available for download during the first time you register a client on SFSF. If you have not saved this before, then there is no way to get a private key but to register a new client in SFSF.

 

Regards,

Wes

Wes_Ancog
Explorer
‎05-14-2023 3:23 AM
0 Kudos

Hi Shivam,

 

Try to add this on the header of the postman call.

Let me know if that works.

Regards,

Wes

usharani
Explorer
‎05-27-2023 6:49 PM
0 Kudos

Hi Wes Ancog,

In our project, we have more than 4 third parties, using Oauth authentication to interact with Successfactors, one is Mulesoft and the other are Python Scripts (Mobile applications/ Desktop applications).

So..Now, we have to replace /oauth/idp/ with offline tool. And in SAP KBA notes it is suggested that, we have to use a third party offline tool..which we trust.

 

Can you please shed light on the below doubts:

  1. what are the third party offline tools available
  2. Do you have any document to follow for a tool
  3. can we use apache maven
  4. Where should we install the tool (in my system or in third parties' (downstreams') system)
  5. who should generate the SAML assertion every time (like every 10mins/ 1 hour/ 24 hours....)
  6. https://userapps.support.sap.com/sap/support/knowledge/en/3301583  can we use this blog

Your answers will be more helpful for me and my project.

 

Thanks a lot.

usharani
Explorer
‎05-29-2023 6:59 AM
0 Kudos
Hi Wes,

 

Can you please shed light on the process of using any offline tool for SAML assertion

1)What are all the available tools to use?

2) where should we install the tool (SF team or Thirdparty)?

3) who will regenrate everytime and how we do it?

 

Thank You

Usha A
jalmli
Discoverer
‎08-04-2023 4:21 PM
0 Kudos
Hi,

We get build success from SAML assertion key tool.  We copy the token given to us into postman.  Company ID, client ID, key, oauth is all set in the body.

We know we connect properly because if we change the company ID, Successfactors returns an error that the company is invalid.  However with the what is provided by the SAML key tool we receive the below error and cannot connect.



 

VeronikaSch
Discoverer
‎08-10-2023 1:15 PM
0 Kudos
Hi there!

Thanks for the very good tutorial, I have my assertions and they are working 🙂

BUT: where do I need the assertion aside from usage in postman?

as far as I can see, if want to call ODATA API from an iFlow in BTP, I can use

"OAuth2 SAML Bearer Assertion" where I only need the certificate & client Id.



THX
Veronika

Wes_Ancog
Explorer
‎08-11-2023 8:08 AM
0 Kudos

Hello Veronika,

There are some instances where client dont want to give password anymore so you need to use this way to test in postman. This is only for testing using postman, system to system connections usually already have built in function for assertion.

Regards,

Wes

Wes_Ancog
Explorer
‎08-11-2023 8:09 AM
0 Kudos
Hello,

 

I think you should consult with your SAP partner regarding this matter.
Wes_Ancog
Explorer
‎08-11-2023 8:10 AM
0 Kudos
Hi Justin,

 

Not sure, maybe you missed a few steps.
SrihariS
Discoverer
‎08-17-2023 4:41 PM
0 Kudos
Hi,

Thanks for the tutorial, how can i consume this oAuthentication into my UI5 application using BAS?

Thanks,
Ramya T
dhairya
Explorer
‎10-20-2023 4:33 PM
0 Kudos
Hi

I tried to follow all the steps but while creating smal assertion I am getting this error. Any Idea how can I resolve this.


Let me know if you have any information about this. Thank you.

 

Regards,

Dhairya Khimsaria
Wes_Ancog
Explorer
‎11-13-2023 11:37 PM
0 Kudos
Can you check if all the files are in the same folder?
Wes_Ancog
Explorer
‎11-13-2023 11:39 PM
0 Kudos
Since they are both within SAP ecosystem, I believe you should raise to your SAP partner.
dbtutorlab
Discoverer
‎11-23-2023 1:58 PM
0 Kudos
Another blog which i have written complete end to end information about this. Also uses automation via Postman. You can learn about it

Postman to call SuccessFactors API using OAuth authentication method via SAP Offline SAML Assertion ...
Labels in this area
Popular Blog Posts