on 01-06-2024 7:17 AM
Hello Experts,
I am trying to access the below integration content API to generate X-CSRF-Token in CPI. I am able to generate token successfully in POSTMAN but the same fails in CPI with status code 401 error. Attached are the configurations done in CPI. Request you to please suggest a suitable solution for this issue.
https://api.sap.com/api/IntegrationContent/resource/CSRF_Token_Handling
Regards,
Varun Vichare.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Varun,
Would you mind sharing the Postman reference of successful Token generation here?
I feel that there's some issue with your session handling mechanism that you have to explicitly take care of, which is not an additional effort in Postman but in CPI.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Varun,
Are you trying to make a GET call fetching CSRF Token and use it to access another resource path in the API?
IF so, you can avoid this step and simple use "OAuth2ClientCredentials" authentication for the respective resource itself.
However , you want to configure the below parameters in the http receiver adapter you're currently using .
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Varun,
Check if headers from Content Modifier are listed in Request Headers of HTTP channel to fetch CSRF token (separated with the pipe character (|)). Alternatively you can use asterisk (*) to pass all headers to API. Response Headers should be equal to asterisk (*) by default, this allows iflow to get CSRF token.
Also, make sure that HTTP Session Reuse in Runtime Configuration is set to 'On Exchange' so that subsequent calls to API correspond to a single session.
Best regards,
Valerijs
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
Just to complement, when we talk about the request headers, especially in relation to the X-CSRF-Token, it could be a potential source of the issue on the SAP Integration Suite Cloud Integration. If the header attribute values are not correctly defined, or the required headers are missing (such as X-CSRF-Token, cookies for session handling, content type, etc.), it can lead to a 401 unauthorized error. Hence, it is necessary to verify the structure and values of the request headers in the iFlow configuration.
Kind Regards,
Hi, just in case, as it is not shown in the screenshot: are you allowing headers?
Cheers,
Carlos
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
9 | |
9 | |
8 | |
7 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.