Playing around with HCP & API Management while everyone is at SAPPHIRE NOW
This will be a short post (in terms of words, but long with pictures). I had been getting bored of generating SalesOrder and BusinessPartner demos, as sometimes that seems to be all that I ever see (not without good reason obviously), and longed to do something a little more fun. Then I stumbled across Denise Nepraunig and her awesome Apps built around Star Wars and Chuck Norris Jokes 😀 .
Since these were built on top of APIs, I couldn’t help but want to put SAP API Management in there, and be part of the fun. So while 99% of the work was done by Denise, I still wanted to share how to put SAP API Management in between, and possibly let the community imagine a fun extension from there.
TOC
- Deploying the WebIDE App
- Generating the API Proxy
- (OPTIONAL) That was fun, but so what?
- (OPTIONAL) Extended
- More Information
Deploying the WebIDE App
1) Start by downloading Denise’s Zipped Chuck Norris App
2) Either extract the file “chucknorrisjokes” and import it into your HCP destinations. Or generate manually as below.
3) Open WebIDE in your HCP Account
4) File ~ Import ~ From File System
5) Browse to locate the zip you just downloaded, then click OK
6) Right-click the folder you imported ~ Deploy ~ Deploy to SAP HANA Cloud Platform
7) Choose project name and Application name, then click Deploy
8) Open active version of the App to verify it works
Generating the API Proxy
Ok so far we have just run the original app, direct to the API with no changes. Let’s get SAP API Management in the picture so I have a reason to post.
1) Open SAP API Management API Portal (If you aren’t sure how, start here)
2) Hamburger Menu ~ Manage
3) Create New API 
4) Create API screen with details
URL: http://api.icndb.com
Name/Title/API Base Path: Your choice
Click “Create”
5) Save and Deploy the API
6) Copy API Proxy URL Value:
7) Now that we have an SAP API Management API Proxy pointing to Chuck Norris API, let’s pull the ol switcheroo on our HCP Destination.
Open your HCP Cockpit ~ Destinations and Edit the chucknorrisjokes destination. Replace http://api.icndb.com with the URL you just copied. (You may need to enable Default JDK truststore as well.)
Click “Save”
That’s it! The app was designed to work with the relative HCP destinations, and your destination is now pointing to the SAP API Management API Proxy URL, which in turn is exposing the Chuck Norris API, so everything should work just as before. Give it a whirl, reload your Chuck Norris HCP App, and see if it still works.
If you’d like some more assurance that API Management is indeed doing something, you can return to your chucknorrisjokes API Proxy, and click “Launch Debug Viewer” ~ “Start Debug” and then run “Get a new joke” in the App. Refresh the Debug viewer and you should see a new call.
(OPTIONAL) That was fun, but so what?
As you see above, everything worked exactly the same before and after, except now for some reason we pointed to SAP API Management instead of directly to the API. Well, now I challenge you to come up with some interesting uses of the Management layer now sitting on top of the Public API. Denise Nepraunig has made a fairly robust App, so we can poke around and not mess things up too much, so I’ll provide a simple example.
Imagine that we want to make our app available publicly, leveraging Chuck Norris jokes, but we want to be good netizens, and not overload the DB with requests. Well we can add a Quota policy to our API Proxy, to block requests above a certain threshold, something we did not have the ability to do before. Now we’re getting somewhere!
1) Open SAP API Management ~ Hamburger Menu ~ Manage
2) Open the API Proxy you made for Chuck Norris jokes. Click “Launch Policy Designer”
3) Click “Edit” in the bottom-right hand corner. Then click “PreFlow” under ProxyEndpoint. Then on the right side scroll down through the policies until you find “Quota” and click the “+” next to it. Add a policy called “Quota” to Incoming Request stream. Then click “Update”. The defaults for this policy will allow 2 requests per 1 minute.
4) Click “Save” then click “Launch Debug Viewer” and click “Start Debug”
5) Return to your Chuck Norris App and click “Get New Joke” 3 times. You should see the joke update the first 2 times, then nothing should happen. Wait 1 minute, and repeat.
6) Go back to the API Management API Debug Viewer. Click Refresh. You should see 2 “Green” requests followed by a “Red” request twice. SAP API Management allowed the first 2 requests then blocked the next one until the timer reset.
(OPTIONAL) Extended
It’s not that satisfying to just see nothing happen when you hit the quota limit is it? So let’s also have SAP API Management return a custom error when Quota is exceeded in the same style as the normal jokes.
1) Open SAP API Management ~ Hamburger Menu ~ Manage
2) Open the API Proxy you made for Chuck Norris jokes. Click “Launch Policy Designer”
3) Click “Edit” in the bottom-right hand corner. Then click “PreFlow” under ProxyEndpoint. Then on the right side scroll down through the policies until you find “Raise Fault” and click the “+” next to it. Add a policy called “raisefault” to Incoming Request stream.
4) In the “Conditional String” area add the following
(ratelimit.Quota.failed = "true")
5) In the code window replace with the following code snippet:
<!-- can be used to create custom messages in case of an error condition -->
<RaiseFault async="true" continueOnError="false" enabled="true" xmlns="http://www.sap.com/apimgmt">
<!-- Defines the response message returned to the requesting client -->
<FaultResponse>
<Set>
<!-- Sets or overwrites HTTP headers in the response message -->
<Headers/>
<Payload contentType="application/json">\{ "type": "success", "value": \{ "id": 999, "joke": "Chuck Norris gets annoyed when people ask about him too much.", "categories": ["nerdy"] } }</Payload> <StatusCode>200</StatusCode>
<!-- sets the reason phrase of the response -->
<ReasonPhrase>OK</ReasonPhrase>
</Set>
</FaultResponse>
<IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
</RaiseFault>
Or replace the message with something else more entertaining.
6) Click “Update”. Then click “Save”.
7) Return to your Chuck Norris App and click “Get New Joke” 3 times. You should see the joke update the first 2 times, then you should get your custom joke message.This message should be the only value returned upon clicking “Get New Joke” until 1 minute has elapsed.
Now you can get started enhancing the App in further ways, like changing the name (if you think someone is more awesome than Chuck Norris) on the fly (using Assign message) or whatever catches your fancy, and have a less boring app to show off to people when talking about APIs 🙂
Thanks again to Denise Nepraunig for providing such a solid App basis to start from.
If you would like to start learning more about what you can do with SAP API Management, I suggest looking at the repository of information SAP API Management – Overview & Getting started which will continue to be updated as more enablement content is added.
For questions, feedback, concerns, feel free to leave a comment, or send us an E-Mail.
Also follow us online
SAP API Management SAP.com | SCN | YouTube
Dear Elijah Martinez
First of all - hats off for an exceptionally well detailed "How To Guide" / Blog Post. This resonated really well with me - an end-to-end HCP - APIgee journey and back!
My requirement is rather primitive compared to this 🙂 We have a requirement to call an APIgee end-point from ECC.
Before we do a GET we need to authenticate ourselves. APIgee requires ECC to send a client_id and client_secret to authenticate itself (as per the below pic from Postman).
The question is how do I pass the client_id and client_secret using the CL_REST_HTTP_CLIENT?
Any help is much appreciated.
Regards
Arijit
Hi Arijit,
Can you help me to understand your scenario better? Are you using SAP API Management on HCP, SAP API Management by Apigee, or Apigee Edge as your API Management endpoint?
It sounds like you are working with an API Proxy, that is running an OAuth V2.0 policy for application authentication, is that correct?
And then for your question; your POSTMAN call is initiating correctly, but you wish to know how to configure your CL_REST_HTTP_CLIENT? Or you are asking what form you should be passing the values?
Regards,
Elijah
Hi Elijah
Thank you for your response. And apologies if I have been vague with my questions. But yes; you have understood the gist of it accurately!
Our scenario is this -
SAP ECC will call an API on APIgee Edge with a parameter (an unique ID); APIgee will then retrieve a data based on the unique ID from MS SharePoint (hosted in Azure cloud). The call in to APIgee has a OAuth 2.0 policy for authentication.
Now my challenge is that our ECC NW is 731. So we can't avail of the OAuth functionality that is delivered in NW 740!
Hence, we are exploring the CL_REST* / CL_HTTP* classes to call the API and supply the OAuth parameters (like client_id, client_secret, grant_type, scope etc.) in the API call.
So yes - in a nutshell the question is - how do I build a POSTMAN like feature in a NW 731 ABAP stack?
Look forward to your response!
Regards
Arijit
Hi Arijit,
This sounds more like a question for the Netweaver/ABAP coder folks unfortunately. While it sounds like you understand the fundamentals of "what" you need to pass via the client, this is a question of "how" within ABAP, which I am unfortunately not proficient in.
I believe there are appropriate spaces on SCN for those who do work more closely in that area though.
Sorry I can't be of more help here. Best of luck!
Regards,
Elijah
Unless you are asking for clarification/correction of some part of the Document, please create a new Discussion marked as a Question. The Comments section of a Blog (or Document) is not the right vehicle for asking questions as the results are not easily searchable. Once your issue is solved, a Discussion with the solution (and marked with Correct Answer) makes the results visible to others experiencing a similar problem. If a blog or document is related, put in a link. Read the Getting Started documents (link at the top right) including the Rules of Engagement.
NOTE: Getting the link is easy enough for both the author and Blog. Simply MouseOver the item, Right Click, and select Copy Shortcut. Paste it into your Discussion. You can also click on the url after pasting. Click on the A to expand the options and select T (on the right) to Auto-Title the url.
Thanks, Mike (Moderator)
SAP Technology RIG