Skip to Content

Post data from node js to SAP odata services

Hello SAP Community,

I would like to share this simple code snippet to send data to SAP from Node js, I have to say that I had to read a little about the node js library “request” and cookies handle concepts because I didn’t find not much information googling about cookies handling in this particular case specially about the need to pass the cookies between GET and POST method, initially I was just only passing the token but nothing about the cookies, that’s why it didn’t work at the beginning (Error HTTP 403 Forbidden), this example includes the way to pass the token and the cookies info. If you try your service with Postman rest client it’s not clear that you are going to need to handle cookies in your code because Postman do this for you.

The j variable es where we store the cookies, we get it in GET method, and pass it to the POST method with jar parameter, the same for the x-crsf-token in header parameter.

The SAP service is an odata service, the authentication is basic, the pData parameter contains the json entity to be pass as the body of the POST request.

var request = require('request');
async function doCall(pData){
  var token;
  var j = request.jar();

  var postDataToSAP = function(){
    return new Promise(function(resolve, reject){
                url : url, 
                jar : j,
                headers: { 
                            "Authorization": "Basic USERANDPWINBASE64",
                            "x-csrf-token" : "Fetch" 
              }, function(error, response, body){
                    token = response.headers["x-csrf-token"];
                  	console.log("Obtenido el token csrf");
                                    method: 'POST',
                                    jar: j,
                                              "Authorization":"Basic USERANDPWINBASE64",
                                              "X-CSRF-Token":token, // set CSRF Token for post or update
                                    json: pData
                            }, function(error, response, body){
                                  console.log("Datos de indicadores transferidos a SAP de forma exitosa");            
  await postDataToSAP(); 

Now my challenge is to call the same service but published in SCP with odata provisioning, I say that it’s a challenge because I can’t use basic authentication there, SCP doesn’t allow this when we are using a custom IdP (we are using SAP Cloud Identity), only with SAP ID Service it’s posible, so I have to study saml2 protocol to see what’s the way to authenticate, I will be in touch with the community when I can do this.

Please if you have any question don’t hesitase to ask.

Best regards.

Jhon Jairo.

You must be Logged on to comment or reply to a post.
  • Hi Jhon!

    I created a chatbot to create customers in SAP. You are getting the error "CSRF token validation failed". It was then that I saw your post and then I started sending the jar parameter. But now I'm getting the error "The Data Services Request contains SystemQueryOptions that are not allowed for this Request Type".

    Best regards.

    Douglas Farcic.

    • Hello Douglas, 2 things to double-check:

      • See if the request you are needing is GET or POST, I suppose it’s POST because you are using a token.
      • I think it could be that your url has something wrong in the parameters or the uri, the error is related to a parameter not allowed in a POST request to the service, I would say.

      You have to be aware how to call a service when you are trying to post data, if you can send me the structure of the url you are calling it would be good, hiding sensible information obviously.

      Best regards.

      Jhon Jairo.

  • Hi Jhon!

    The problem was in the url. Right after sending the message to you I noticed that I had left "?$ Format=json" in the url of the POST method.

    I created a chatbot that creates a customer in SAP. If you want to see how it looks, the link is: But you will need to learn Portuguese to understand hahaha

    Thanks for the answer !