Skip to Content

SAP Cloud Platform Mobile Services : REST API Application Development

Hi All,

With part of SAP Cloud Platform Mobile Services for development and operations, REST APIs enable standard HTTP client apps running in any OS to leverage SAP Cloud Platform mobile service security and push features. This platform provides different functionality like

Management and monitoring the apps

Native push notification like APNS , BES, GCM, WNS, MPNS

There is a proper procedure to get start with. First we have to register a client application with proper user information. Once registration is successful, we have follow REST API method to retrieve and update the application.

Create an application

  1. First, sign up for SAP Cloud Platform Trial account, enable “Development and Operations” under Mobile Services (in Neo Trial)

2.  Click on it, then click on “Go to service

3. In Mobile Service cockpit, navigate to Mobile Applications > Native/Hybrid > Click on “New

4. provide below info and Save it

Config Templates (optional) Native
ID com.sap.demo
Name Test App

5. As you can see in below screenshot that we need to add or assign one minimum feature in order to complete application configuration.

Next, we will add a destination/OData end point url to this app. Click on “+” plus icon besides “Assigned Features

In Mobile service, there is a ready made sample OData service available, you can perform CRUDQ operations against it.

  • use this sample service during development and testing
  • you can generate sample sales orders and purchase orders for multiple entity sets
  • you can view sample data for each entity in a separate text file, reset the sample data
  • this service uses OData V2    

7. It’s very important to check if ping connection from Mobile service to backend is successful and if you are able to backend data

Click on “Connectivity” under Assigned Features section and then click on “Ping” , if you see “Ping Successful” that means backend host is reachable from SAP CP Mobile Service.

Now, let’s check if backend data can also be accessible, for that click on “OData Application Data Test” icon (before Ping) , Click next , then you would be able to see backend Entity details and corresponding data.

,8. Important thing to note here is, a security configuration of “SAML” provider is assigned (by default) to the newly created application, you can always modify it as per your requirement.

for this blog post, i changed security config to “Basic

All good with application configuration, let move with on-boarding a user on SAP CP mobile service

On-Boarding a user

  1. Navigate to “APIs” tab, copy Registration URL
    URI https://hcpms-xxxxxtrial.hanatrial.ondemand.com/odata/applications/v4/com.sap.demo/Connections

2. open REST Client add-on/plugin in your preferred browser,

    • make a POST call
    • Add Header keys:
Key Value
Content-Type application/xml
Authorization Mobile service id and password
    • Add this xml text in the RAW body section:
<?xml version="1.0" encoding="UTF-8"?>
<entry xmlns="http://www.w3.org/2005/Atom" xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices" xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata">
   <content type="application/xml">
      <m:properties>
         <d:DeviceType>iPhone</d:DeviceType>
      </m:properties>
   </content>
</entry>

 

    • Here i have added DeviceType as iPhone. That means registration will be for iPhone device.
    • Possible valid values for DeviceType are:
DeviceType Device
Android Android Devices
Blackberry Blackberry devices
iOS iOS devices
iPad Apple iPad
iPhone Apple iPhone
iPod Apple iPod
Windows includes desktop or servers with Windows OS such as Windows XP, Windows Vista, Windows 7, and Windows Server series OS

Windows8

Windows81

includes Windows desktop version

WinPhone8

WinPhone81

includes Windows mobile

Also: WinMobile, WinSmartPhone,Rim6

Check here for more details:  https://help.sap.com/viewer/e501bc6206bc4796b69baa3a634da3f3/3.0.13/en-US/7c0aaf8770061014a403e0decc28cbd6.html

Here you go,  click on “Send”

Request:

Response:

    Status as 201 created and in the Response headers you will see the newly created X-SMP-APPCID (ConnectionID)

To Verify the same registration in the Mobile Service cockpit,

navigate to “User Registrations” tab in the same application configuration,

 

CRUD operation for the given OData service via Mobile Service

 Since we have already created one application id for the given Odata service. Now we have to test if we are able to do GET, POST,PUT, DELETE operation for the same.

GET (Reading a record)

Method: GET

under “APIs” tab, copy “Destination” URL

 

URI https://hcpms-xxxxxxtrial.hanatrial.ondemand.com/com.sap.edm.sampleservice

Header Sections:

Key Value
Authorization Mobile service userid and password
Content-Type application/xml
X-SMP-APPCID registrationID value e.g. 23e81…3a5c0

 

Response:

here, all list of collections are showing up.

 

To view a particular collection data, append its “Entityset” value in the URL

e.g. https://hcpms-xxxxtrial.hanatrial.ondemand.com/com.sap.edm.sampleservice/Customers

 

POST (Creating a record)

Lets create a new customer record in customer entity

Method: POST

URI https://hcpms-xxxxxxtrial.hanatrial.ondemand.com/com.sap.edm.sampleservice/Customers

 

Header Sections:

Key Value
Authorization Mobile service userid and password
Content-Type application/xml
X-SMP-APPCID registrationID value e.g. 23e81…3a5c0

 

Request: 

  

 

Body Content:

<?xml version="1.0" encoding="UTF-8"?>
<entry xmlns="http://www.w3.org/2005/Atom" xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices" xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata">
   <content type="application/xml">
      <m:properties>
         <d:City>Walldorf</d:City>
         <d:Country>DE</d:Country>
         <d:DateOfBirth>1987-01-01T00:00:00</d:DateOfBirth>
         <d:EmailAddress>saptestuser@sap.com</d:EmailAddress>
         <d:FirstName>Test</d:FirstName>
         <d:HouseNumber>4</d:HouseNumber>
         <d:LastName>User</d:LastName>
         <d:PhoneNumber>1012697341</d:PhoneNumber>
         <d:PostalCode>57490</d:PostalCode>
         <d:Street>PlattnerRingRoad</d:Street>
         <d:UpdatedTimestamp>2018-01-05T17:33:53.15</d:UpdatedTimestamp>
      </m:properties>
   </content>
</entry>

Response:

you must get a “201 Created” status code.

 

You can verify data in backend by navigating to Mobile Service>Native/Hybrid> com.sap.demo>Connectivity>OData Application Data Test > select Customers entityset from dropdown

 

PUT (Updating a record)

Method: PUT

Lets update same record with city as “Mannheim”

URI https://hcpms-xxxxxxtrial.hanatrial.ondemand.com/com.sap.edm.sampleservice/Customers(‘100000610’)

Header Sections:

Key Value
Authorization Mobile service userid and password
Content-Type application/xml
X-SMP-APPCID registrationID value e.g. 23e81…3a5c0

    

    

Body Content:

<?xml version="1.0" encoding="UTF-8"?>
<entry xmlns="http://www.w3.org/2005/Atom" xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices" xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata">
   <content type="application/xml">
      <m:properties>
         <d:City>Mannheim</d:City>
      </m:properties>
   </content>
</entry>

Response:

you must get a “204 No Content” status code.

DELETE (deleting a record)

Method: DELETE

URI https://hcpms-xxxxxxtrial.hanatrial.ondemand.com/com.sap.edm.sampleservice/Customers(‘100000610’)

 

Header Sections:

Key Value
Authorization Mobile service userid and password
Content-Type application/xml
X-SMP-APPCID registrationID value e.g. 23e81…3a5c0

Body Content: NA

Response:

you must get a “204 No Content” status code.

For detailed information on REST API topic, check : REST API App Development

You van also follow below tags for blog posts and queries:

I hope this will blog will help you to understand basic concept of on-boarding of a user at SAP Cloud Platform Mobile Service for development and operations using REST client.

Your comments and feedback are most welcome.

Cheers,

Jitendra Kansal

Product Management, SAP Cloud Platform User Experience
SAP SE

83 Comments
You must be Logged on to comment or reply to a post.
  • Hi Jitendra,

    Following your tutorial,

    I’ve created an OData Service and have configured the application in SMP 3.0.

    But when I’m hitting following url:

    http://localhost:8080/odata/applications/latest/com.test.dept

    from the rest client I’m getting status as 200 OK but not getting any thing in the response body.

    I also tried to register a device as mentioned in the tutorial but again the response was 200 OK and nothing in the response body.

    Kindly help.

    Regards,

    Serveshwar Mishra

      • Getting the same, status code 200 OK and nothing in the response body.

        Probably its an authorization issue.

        I’d opened the server log of SMP 3.0 and getting “Authentication failed Authentication failed due to invalid credentials.” although valid credentials are being supplied.

          • Hi Jitendra,

            I haven’t made any registration so far, I’m stuck at the very first step itself i.e. after hitting following url: http://smpserverip:8080/com.test.dept dept with “GET” request I’m supposed to get 200 in response status and a response body containing “EndPoints” and “Connections”.

            But I’m getting 200 status in response header and nothing i.e. no xml in the response body.

            I’ve tried with other steps too i.e. tried to register the device with “POST” request as mentioned in the tutorial but always getting the same i.e status 200 OK and an empty response body.

            I’d checked the server log and it says, “com.sybase.security.core.PreConfiguredUserLoginModule##anonymous#http-bio-8084-exec-8###Authentication failed Authentication failed due to invalid credentials.” whenever I’m trying to hit the url via Rest client.

            Untitled.png

            Regards,

            Serveshwar Mishra

          • Serveshwar Mishra

            If you have Firefox installed, check the same GET request in its RESTClient OR clear cache, cookie of browser and Chrome rest client and then try.

            Also, have you set any security profile to existing application? Can you try with some new profile and add its authentication provider as “NoAuthenticationProvider”

            Hope you will get some hints now.

            Rgrds,

            JK

  • Hi Jithendra,

    I’ve been following your blog and implementing from my hybrid application using cordova, and I am succesful registering device

    Code:

    OData.request

      ({

      requestUri:  “http:/serverip:8080/odata/applications/latest/com.demo.test/Connections”, 

                    method: “POST”, 

                        headers:

                            {   

                      “Authorization”: “Basic c21wQWRtaW46V2VsY29tZTAx”,

                            “X-SMP-APPCID”: “”,

                            “Content-Type” : “application/json”

                               },                            

                data: {

      DeviceType:”Android”

         }

    });

    This works fine on my local server, When I try to implement on our global server, I get no response.

    Can you assist me through this.

    <<serverip removed by Jitendra>>

    Thank You

    Avinash

        • Are you able to do the registration from REST client on global SMP server? Are you getting 201 message? Did you find any logs in global server installation path? Make sure you pass the correct credentials under “Authorization” header?

          When you created an app id in Admin cockpit in global smp server, are you able to ping it successfully?

          • Jitendra, I got the solution, since device doesn’t have host, We have to use static host name or address then we will be able to access it. Successfully am able to register. Now all I thinking is, Is this a correct approach for creating hybrid app or should we be using  kapsel plugins to logon and register

          • You can follow two different approaches for creating hybrid apps in smp 3.0

            1. REST API app development : That one you are following right now ( i guess)

            2. Using Kapsel plugins

            It is not mandatory that you should use kapsel plugins for developing hybrid app.

          • Good to hear that ,and is mandatory to develop the ios native app’s using the SMP plugins and  cant  we develop through Rest API?

            If we develop the app through Rest API ,can we reach the SAP standards so to push the application to SAP store?

  • Hi Kansal… Thanks fo this blog .. It is very helpful one. But i am struggled with offline settings. As we know we can configure the offline settings for the app in SMP Cockpit. After configured that how  to test the offline capability in REST Client? Is there any way test it?

    • Hi Saranya,

      REST API based applications will not support offline. Only hybrid and native apps supports offline, you have to use hybrid/native SDK for it.

      Regards, Midhun

      SAP Customer Experience Group – CEG

  • Thanks for the reply.. I have created one hybrid app in the SMP cockpit.. And i configured offline cache for it in that SMP admin cockpit.. could you tell me how i can test it? whether it is working or not in offline mode.. or what steps i can proceed further to get the offline service of the app.

    That will be more helpful.

  • Hi Midhun,

    Your information is really helpful. But If i dont want to test it in the app level and i want to test the SMP server level for offline cache . Is there any way to do it ?? Like testing procedures for that offline cache of SMP cockpit something like that??

    If it is not anyway then i can go with Kapsel Plugin. Please help me with this.

    • Hi Saranya,

      You can’t test offline from SMP server. You have to implement offline in your native or hybrid app to test it.

      Regards, Midhun

      SAP Customer Experience Group – CEG

  • Hi Jitendra,

              I am trying to test my application configuration on SMP server using rest client. However I am using SAML based authentication with ADFS as authentication provider. Can I use the rest client on firefox to test the user on boarding???. If so how to go about.

    thanks and regards,

    Kumar.

  • Hi everyone!

    I want to develop a new android application using SAP mobile platform, can any one suggest me any tutorial for beginners that how do i manage gateway connections and how can i get REST apis for different authorizations.

    I will be very thankful for reply.

    Regards,

    Satish J

  • Hi Jitendra,

    I am following your tutorials, and i meet an error 403:

    – First Step: I use GET Method to retrieve X-CSRF-Token. And it work perfectly.

    Screen Shot 2015-05-05 at 4.17.13 PM.png

    – Then, i use returned value from Server to supply to the Headers , and call POST Method:

    Screen Shot 2015-05-05 at 4.17.53 PM.png

    Screen Shot 2015-05-05 at 4.18.05 PM.png

    I don’t know why i got this error? Can you help me to resolve this problem?

    Thanks and Best Regards,

    Sao Vu.

    • Sao Vu

      Can you provide me below info:

      1. What is SMP server version you are working on? e.g. 3.0 SP05

      2. How many odata service are there for the application com.FPT.BookDB?

      3. Are you able to ping the app id in admin cockpit?

      Regards,

      JK

      • Hi Jitendra,

        Thanks for reply.

        1. I am using SMP 3.0 Server SP 05

        2. In my application, i use one Odata Service

        3. Yes, i can ping to my app. But, Gateway cockpit gives me the https:8083 link ( because of SP 05), so i replace it to Http:8080. If i use Https:8083 as backend in Admin, i can NOT ping to app, and if use Http:8080 , i can ping to app. So i use Http:8080 as my endpoint URL.

        I tried to test when replace Https:8083 -> Http:8080, they have no difference.

        Thanks and Regards,

        Sao Vu.

        • Sao Vu

          fyi: odata services exposed via Integration gateway listen on 8083 (admin port) from SP04 onward. It is always better to use https than http as it more secured.

          You have to check INTERNAL option for such services (as i mentioned in step 2)

          Are you able to execute odata service in the browser? and entityset data?

          what is the data source you have binded with entities?

          Regards,

          JK

  • Hi Jitendra,

    I have created my own web service in Netweaver for create operation and converted it in to OData service. When i am accessing  through SOAP UI it is working fine and I am getting success message:

    /wp-content/uploads/2015/05/error2_711991.pngBut when trying to make a POST request through Advanced REST client after deploying to SMP, I am getting the below error:

    /wp-content/uploads/2015/05/error1_712010.png

    I am using the Authentication as mentioned in the post as “Internal”. Please let me know if any further information is needed.

    Thanks and Regards,

    Swathi

  • by following the tutorial, I Successful ping the application id and get the “Endpoints and Connections” from the Crome REST Client.

    I encounter error when “register the application ID” like the following screen shot. Please help.

    post connection.jpg

    ServiceErrorException.JPG

    Regards

    Choong

  • Hi Jitendra,

    i have a small question:

    How can we reuse X-SMP-APPCID ????

    Suppose i have an application, in first time login, it will register device, and in second time,third time,… i login, but i want it will not register again, and use information that i register in the first time ???

    Thanks and Best Regards,

    SaoVV

      • Hi Jitendra,

        Thanks for reply.

        I have a login screen, User will fill username and pass to textfield and submit to SMP server. So:

        – First time they login: app will register device and turn into other screen

        – Second time login: they still fill , but i want use information from first time, and turn into other screen.

        It likes MAFLogon. But i cannot use maf because of some private reason.

        Thanks and Best Regards,

        Sao Vu.

          • Hi Jitendra,

            No. I mean i use same Login screen.

            1. When the app is installed, user run app: the login screen appear, they fill infor and supply it to SMP server ( this is the first time). He has a session with APPCID,Username,… After finish working, he quits apps.

            2. Another day, he runs app: the login screen appear.( but he registered account in 1.). He fill infor and supply. He has a session (but old APPCID, old username,..).

            ==> i want to ask:

            – How can we get APPCID, USERNAME, APPID,… SMP give us, to reuse ???

            – How can we know that device is registerd ????

          • Hi Sao,

            When you register for the first time, in the response of your login request you will get APPCID (if you use maflogon it will be by default saved in encrypted data-vault. If you are not using maflogon you need to find your own way to store this value). You will be using it for all further transactions from the app.

            If you logout from the app this connection will be deleted from SMP server. Do not let the user logout of the application, hence the user do not need to login again and could use the same APPCID. Hope this satisfies your requirement.

            Regards,Midhun

            SAP Technology RIG

          • Hi Midhun,

            Thanks for reply.

            As MAFLogon, we should Unregister, and APPCID will be deleted. But the user just quit the app, and re-run, so he must re-login again, he does not unregister.

            I want when he re-runs app, he can get previous APPCID,APPID,… and not register new registration to SMP Server.

            Without MAF, just URL Request, how can we do ???

            Thanks and Best Regards.

            Sao Vu.

          • Hi Sao,

            I hope you are not following the REST API approach, and you are using Odata SDK.

            You could follow this blog to not use MAFLogon: Onboarding users with Native OData SDK – SMP 3.0

            In the response of your request you should get APPCID. You could store it in your local db and use it for all further transactions.

            What is the reason you are not using MAFLogon component ?

            Regards,Midhun

            SAP Technology RIG

          • Hi Kundan,

            To my knowledge Xamarin uses a different SDK to connect with SMP. I don’t have much information on it. You could raise this question in Xamarin support portal.

            Regards,Midhun

            SAP Technology RIG

  • Hi Experts,

    First Time when i register device i can get registration ID and i can pull oData services, but when i login in the app next time i want user to call odata service using registration ID which was created before, instead of creating new one.

    How do i store RegistrationID in cache? or In any other option.

    please reply.

  • HI Jitendra,

            See your discussion, in step 2,I can’t  check INTERNAL option ,because  I need SSO, Please help.4`0IJHWBT)KYDQ8Q(8BU%G8.png

    Thanks and Best Regards.

    judy wang

    • judy wang

      I cant see image you attached in above comment.

      Please note that INTERNAL option is applicable only if OData service has the same host+port as SMP server. In general, OData services exposed via Integration Gateway (in SMP) has same host and port number as SMP so we have to INTERNAL in this case.

      Hope this makes clear.

      Regards,

      JK

      • Thanks for reply.I’m sorry, but the picture is a failure, my ODATA is the interface of the release of the gataway,  host and port number as SMP is not the same,such as figure, but POST (a record Creating), reported 403 ForbiddenCatch(07-23-10-16-17).jpg

        Catch58BD(07-23-10-16-17).jpg

        GNJ{_27TV`0$8IZ6B_]85CQ.png

        hope to help,thanks!

          • My mobile phone client needs a lot of interface, ZMINISTERAPPROVE_SRV SRV is among them a. Therefore, I put endponit address set to http: / /… 8080/sap/opu/odata/sap, such mobile terminal each time only need to register a SMP application; also tried to each interface in the admin to create an application, but will encounter the problem of cache, also feel that way is not reasonable

  • Hi Jitendra,

    Could you provide a few details on why the /odata/applications/latest/ part of the URL is necessary and what it does ? I’ve been reading the OData URL conventions and it doesn’t seem related. Is it used only for registering the application on the mobile platform?

    Many thanks for a great tutorial.

    Warm regards,

    Chris

  • Hi Jitendra,

     

    I am trying to do GET request using POSTMAN REST client. I need to configure backend connection in HCPms.  I am getting “Note: Your browser does not support JavaScript or it is turned off. Press the button to proceed”. Backend url has HTTP connection.

    I have attached screenshot.

     

    Thanks in advance.

     

    Regards,

    Vasantham

  • Hi Jitendra Kansal,

    I am trying to access the mobile service in webide but it’s showing error Neither Application connection id nor Application id is provided

    I tested in Postman it’s working fine.

    I have passed headers also.

    var oModel2 = new ODataModel(“/mydestination“, true,);
    oModel2.setHeaders({
    “Content-Type”: “application/xml”,
    “X-SMP-APPCID”: “myRegistrationId”,
    “Authorization”: “Basic UDE5NDE5NTc0NDg6Q2FwZ2VtaW5pQDIxNTQ1”
    });

    oModel2.read(“/Zcgpracslemp(‘47202’)/Set?$format=json”, null, null, true,
    function(data2, response2) {

    console.log(data2);
    });

  • Hi, would like to know the right way to do this. Once a user logins, their device is registered. And X-SMP-APPCID is returned and I store it on the app. It persists even when user quits the app halfway. So opening the app again will check if the token exists then if yes, don’t do CONNECTION but just use the token on run the calls.

    What we experienced now is that if user switches to a new version of the app (reinstalling) or deliberately clear the app data, we lose the app id token. And the logic will tries to call CONNECTION but will hit 403 not found error because is already registered.

    Whats the best practice? Do we need to set the user expiration to be shorter and user had to wait after the token is auto removed to be able to register successfully?

    Regards,

    Joe