Skip to Content

This is part of a multi-blog series concentrating on how to consume the backend APIs in SAP Cloud Platform Workflow Service.


Building and extending cloud application workflows can unify processes across systems and connect human-centric activities and information across the enterprise. Often, you would want to consume existing services as part of the extension workflows to perform certain tasks – for example, get product master list, get quotation details etc. This blog explains how an application developer can consume any OData service developed through SAP Gateway Service Builder in the SAP Cloud Platform Workflow.

What to expect in this Blog

By exposing SAP Business Suite functionalities like BAPIs or any RFC-enabled function modules as REST-based OData services, SAP Gateway enables SAP applications to share data (RFC, BAPI) with a wide range of technologies and platforms including SAP Cloud Platform Workflow Service. This blog will NOT explain how to create OData service using SAP Gateway Service Builder, but rather will detail on how a cloud application developer can consume an existing service in SAP CP Workflow’s Service Task. If you are looking for information on how to create OData service in SAP Gateway you can refer to the following blogs:

Step-by-step guide to build an OData service based on RFC

How to develop a Gateway Service using code based implementation

How build OData service with all CRUD operations

Consume OData service created using SAP Gateway Service Builder


  1. Before you can consume SAP Gateway OData service, make sure that the service which consumes RFC is created, activated & is also accessible through any HHTP client.
  2. Any OData service (which is RESTful and can be formatted as JSON) can be consumed directly in a SAP CP Workflow Service Task, hence the OData service created by the Service Builder can also be consumed directly in the service task. Since SAP Gateway is an on-premise application and is behind a secure network (intranet), you need to use the SAP Cloud Connector.
  3. IT Administrator should have already installed the cloud connector.

How to Achieve it?

To consume the OData services in SAP Gateway, we would be configuring SAP Cloud Connector to expose them outside the intranet. We would then be configuring a SAP Cloud Platform Destination and consume the OData service directly in a Service Task of a workflow.

Configure Cloud Connector

IT Administrator should complete the following steps in SAP Cloud Connector:

Add SAP Gateway system in SAP Cloud Connector

  1. Create a new ‘Cloud To On-Premise’ connection
  2. Choose the backend type as ‘SAP Gateway’
  3. In the next screen choose the communication protocol as required. I have chosen HTTPS since the Gateway system is SSL enabled.
  4. In the next screen, enter the Internal host and the port to access the SAP Gateway service. In my system, the port for HTTPS communication is 44300
  5. In the next screen, enter the virtual host and port.
  6. Maintain the principle type in the next screen. I have maintained it as ‘None’, but you might want to use X.509 certificate or a Kerberos as principle especially in the production system.
  7. Finally, enter the description for system that you are adding and complete the process of adding SAP Gateway system in SAP Cloud Connector.

Configure Resource Access

  1. While adding a new resource which can be access via cloud connector, I have chosen to expose ALL services in the system by marking the URL as /sap and ‘Path and all sub-paths’ for the access policy. If you want to expose only a few OData services, then you have to choose the options accordingly.


Add an on-premise destination in SAP Cloud Platform

Once the cloud connector installation and configuration is completed by the IT administrator, the cloud application developer needs to perform the following step to create a destination for connecting to the SAP Gateway system.

You can refer to the help content to create a HTTP destination from SAP CP Cockpit. While creating the destination to connect to the SAP Gateway OData service, keep in mind the following information:

  • Type of destination is HTTP
  • URL is the virtual URL & port as defined in the cloud connector configuration. Make sure you give the http as the protocol here even if you have configured a https service in cloud connector. The services which are exposed via cloud connector are virtually opened in the VM with http but internally connects to the on-premise system via the protocol defined in cloud connector.
  • Proxy Type is “OnPremise”
  • Credentials for the SAP Gateway system should be provided (in this example, I have used ‘Basic Authentication’. SAP CP Workflow supports NONE and BasicAuthentication as of Oct 2017 and we plan to add OAuth support soon).
  • Maintain the SAP Gateway system client information in the property jco.client.client

Optionally, once you have defined the destination, click on ‘Test Connection’ to check if the system can resolve the proxy and connect to the SAP Gateway system.

Consume OData Service in a Service Task

Once you have configured the destination successfully, it is very simple to consume the OData service in a Service Task via Cloud Connector.

  1. Add a Service Task in the workflow editor canvas
  2. Add the destination you have created earlier.
  3. Enter the path to access the service. If you have to pass any inputs to the service then you can get it from the workflow context. In the example, I have created a OData service called STV_QUOTATION and want to access the quotation details by passing a Quotation ID. Hence, my path would be


  • All the OData services created in SAP Gateway is available under /sap/opu/odata/sap
  • QuotationSet is the entity I am accessing to get the details about the quote.
  • I am also passing the Quotation ID available in the workflow context. ${context.quoteid}
  • I am also formatting the output of the service as JSON by using the keyword $format=json. Make sure you format the result to JSON since SAP CP Workflow works only with JSON object.
  • Finally, the output of the service (in JSON format) is transferred to the variable ‘quote’ of the workflow context.


If you are accessing a service to create an entity, you would be accessing a POST method. Such a modify request would require a CSRF token to prevent cross-site request forgery. In such a case, you can provide the path to any non-modifying service in the property ‘Path to XSRF Token’ and the SAP CP workflow service will automatically resolve it.

Note: You can also use the SAP Cloud Platform’s OData Provisioning to register any service created from SAP Gateway and then consume it same from the service task of SAP Cloud Platform Workflow Service.

To report this post you need to login first.


You must be Logged on to comment or reply to a post.

  1. Jing Biscocho

    Hi Seshadri,

    I know that this is somehow an old blog but we’re running into issues accessing OData  via OData Provisioning … our destination for OData provisioning is ApptoAppSSO and is said to be not supported. If we change the authentication type, it breaks the access to the OData service. Have you had the chance to consume an OData service via OData provisioning?




      1. Emiliano Prigue

        Hi Christian,

        So there is no way to consume an OData Service via OData Provisioning at the moment?

        Could you tell me when it is expected to be available?




          1. Jing Biscocho

            Hi Christian,

            Basic Authentication only work when you have an on-premise gateway. Our scenario is that our OData services are consumed via OData Provisioning.




      2. Jing Biscocho

        Hi Christian,

        Does SAP have an ETA for this?? We plan to use the workflow service for production but we need to be able to use OData via Gateway Provisioning.





Leave a Reply