Blog Series – API Provider: Part 4: Connecting and exposing APIs from SAP HANA
In this part 4 of 8 part blog series, I will explain how SAP Cloud Platform API Management connects to HANA System on the cloud via API Provider and manage XSOData Service in API Management. I will also give an overview of SHINE Content and get shine content on HANA system.
SAP HANA Interactive Education (SHINE) is an Education Content to deploy, learn and develop applications from SAP HANA studio which runs on top of SAP HANA Application Services (XS Engine) with in SAP HANA Platform. SHINE enables new SAP HANA developers to quickly learn and develop applications running on top of SAP HANA Platform. SHINE content is designed and built upon EPM (Enterprise Procurement Model) framework developed by SAP and it includes all the data models, tables, views, dashboards etc.
To know more about SHINE refer
Refer SHINE documentation for more help on content
Importing Delivery Unit
1.Login to your Hana workbench
2.Click on editor and Navigate to LifeCycle Management
3.Click on Delivery Unit
4.Click on Import to import a Delivery Unit
5.Delivery Unit will get imported
6.Assign roles as mentioned in .xspriveleges file to the logged in user For Eg
7.Once the roles are assigned, select xsodata file and execute it to get the URL.
(Save this URL as we would need it for creating proxy)
8.Let’s go to API Portal ->Services->click on API Management Tile->click on Access API Portal.
9.Click on Develop and Navigate to API Providers
10.Create API Provider and fill in the following details
11.Navigate to Authentication and give back end system details
12.In my case, I am connecting to Hana System and catalog service settings look like this
13.To test the new connectivity, just create a new API Proxy. Give API Provider as “HanaXs” and give URL as shown
and Save it.
14.Navigate to Test and click on the API provide Basic Authorization
15.Click on send to get the response
16.Let’s Manage our OData Endpoint!
Now I want to protect my APIs from an unwanted threat on the internet hence would use JSON Threat protect policies.
17.Let’s Navigate to develop and open policy editor and click on edit.
18.Navigate to console and execute the policy.
API Management also helps to identify common content level threats that follow certain patterns, by enabling developers to configure regular expressions that can be evaluated against API traffic at runtime
Let’s try regular expression threat protection policy and protect our API.
19.Again open policy editor and click on Edit and select Regular Expression from right-hand side
20.Navigate to console and give the header as action value threat.Click on send.
I was able to apply these policies by following SAP Cloud Platform, API Management documentation which has now samples available for all the policies.
Refer for more details