Skip to Content
Author's profile photo Joerg Losat

How to Call OData Services in SAP Hybris Marketing Cloud

In this how-to topic, I want to explain how to call an OData service in SAP Hybris Marketing Cloud in a way that ensures a high degree of system security and performance. I am using CUAN_IMPORT_SRV as an example, but this description applies to all OData services in SAP Hybris Marketing Cloud.

 

Steps to Import Data into the SAP Hybris Marketing Cloud System:

  1. Request a CSRF token and session cookie by calling the metadata document.
    e.g. https://<mkt.com>/sap/opu/odata/sap/cuan_import_srv/
    In the get request header, you have to add the parameter name ‘x-csrf-token’ and the value ‘Fetch’, as shown in the code snippet. With this get request, you will receive the CSRF token and session cookie in the response:
  2. Create your payload with the data you want to send.
  3. Post the data via the corresponding endpoint and send the CSRF token as well as the session cookie which you received in the first step. In the post request, you have to add:
    • The parameter ‘x-csrf-token’, that is the value from the token you received in step 1.
    • The parameter ‘Content-type’ with the value ‘application/json’
    • And the session cookie you received from the get metadata request
    • e.g. https://<mkt.com>/sap.opu.odata/sap/cuan_import_srv/ImportHeaders
  4. At the end you should terminate the session cookie by calling the logoff service. In this get request you have to add
    • The parameter ‘x-csrf-token’ and the value you received in step 1.
    • The session cookie you received from the get metadata request. By doing this, you ensure that the session cookie and CSRF token are no longer valid.
      e.g. https://<mkt.com>/sap/public/bc/icf/logoff

Note: Steps 1 and 4 are only called once, while steps 2 and 3 should be executed in a loop without fetching a new CSRF token and session cookie each time.

Important Points to Note:

  • The session cookie will automatically terminate after 30 minutes idle time.
  • You should reuse the session cookie and CSRF token for as long as you can. In other words, you should try to avoid exceeding 30 minutes idle time.
  • By reusing the session cookie, you avoid having additional calls to generate a new cookie every time. This leads to improved performance because you have to execute the get call only once, at the beginning of your program

By terminating the session cookie, you secure the system, because the cookie and CSRF token can no longer be used.

Code snippets from ABAP SE38 Program

Open the session:

 

Use the session:

 

Close the session:

Assigned tags

      12 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo madhurima chinni
      madhurima chinni

      Thanks for the blog Joerg Losat.

      Can we use the above mentioned steps to fetch the data from Hybris Marketing Trial system. Do we need have any specific authorizations to fetch the data from Hybris Marketing Trial system using OData services.If  so, please help me out what are the required authorizations.

       

      Kindly let me know what is the backend for Hybris Marketing system.

       

       

       

      Author's profile photo Joerg Losat
      Joerg Losat
      Blog Post Author

      Hi,

      yes, the how to guide is a general explanation. You can use the pattern for all OData calls. To your concrete questions about the Hybris Marketing Trial system, as far as I know we do not offer the possibility to read data out of the trial system and the CUAN_IMPORT_SRV I mentioned above is to import data only.

      Best regards,
      Joerg

      Author's profile photo SRIKAR REDDY
      SRIKAR REDDY

      Hi,

      I have a requirement like  MS CRM Integration with Hybris Marketing by using Odata.

      Can you please explian me how to do that??

       

       

      Author's profile photo Quang Huy Nguyen
      Quang Huy Nguyen

      Hi,

      I follow step by step but get this error, I am using CUAN_IMPORT_SRV. Can you help me?

      <?xml version="1.0" encoding="utf-8"?>
      <error xmlns="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata">
          <code>/IWBEP/CM_MGW_RT/020</code>
          <message xml:lang="en">Resource not found for segment 'ImportHeader-UserName'.</message>
          <innererror>
              <application>
                  <component_id>CEC-MKT-DM-CE</component_id>
                  <service_namespace>/SAP/</service_namespace>
                  <service_id>cuan_import_srv</service_id>
                  <service_version>0001</service_version>
              </application>
              <transactionid>591DF5A20815223AE10000000A001DB0</transactionid>
              <timestamp/>
              <Error_Resolution>
                  <SAP_Transaction/>
                  <SAP_Note>See SAP Note 1797736 for error analysis (https://service.sap.com/sap/support/notes/1797736)</SAP_Note>
              </Error_Resolution>
              <errordetails>
                  <errordetail>
                      <code>/IWBEP/CX_MGW_BUSI_EXCEPTION</code>
                      <message>Resource not found for segment 'ImportHeader-UserName'</message>
                      <propertyref/>
                      <severity>error</severity>
                      <target/>
                  </errordetail>
              </errordetails>
          </innererror>
      </error>

       

      Author's profile photo Robin Vezina
      Robin Vezina

      Using end point $metadata returns an unnecessary large amount of kilobytes as opposed to the service root if the goal is only to authenticate and fetch the CSRF token.

      Author's profile photo Joerg Losat
      Joerg Losat
      Blog Post Author

      Hi Robin,

      you are totally right, but to make the call only once instead of doing the call before every post request, will safe a lot of time. It is a very small improvement in comparison of the overall performance improvement. Nevertheless you are totally right. I will check to update the blog post.

      Thank you very much for your feedback.

      Jörg

      Author's profile photo Yue Wang
      Yue Wang

      Hi Losat,

      Thanks for the information. It's very usefully information for large data set customers. One question, how does it apply to SCPI oDATA adapter? For customers integrating with SCPI, what measures they have in control to ensure the session handling is properly done?

      Best regards,

      Yue

       

      Author's profile photo Joerg Losat
      Joerg Losat
      Blog Post Author

      Hi Yue,

      in SCPI oData adapter you can setup session usage, that SCPI will reuse the same session / security session.

      Best regards,
      Joerg

       

      Author's profile photo Siddarth Kumar
      Siddarth Kumar

      Hi , I need to post a data in json format to a endpoint using ODATA but i cannoty find any snippet or demo code implementation for that , any help?

      Author's profile photo Siddarth Kumar
      Siddarth Kumar

      In java From Hybris, are there any specific extensions for that

      Author's profile photo Joerg Losat
      Joerg Losat
      Blog Post Author

      Hi Siddarth,

      in the API hub you will find snippets in different implementation languages.

      See link:

      https://api.sap.com/package/SAPS4HANAMarketingCloud?section=Artifacts

      Don't know what you mean with specific extensions, we have integrations from Commerce to Marketing via OData services.

      Best regards,

      Jörg

      Author's profile photo Siddarth Kumar
      Siddarth Kumar

      Thanks i found a way to post data through OutboundServiceFacade found in OutboundServices in hybris .