Skip to Content

The HANA CORS (Cross Origin Resource Sharing) configuration is straight forward but as the old saying goes, a picture paints a thousand words.  Such a shame that the SAP documentation policy is does not allow screenshots.  I have therefore tried to capture the configuration steps here.

SAP Analytics Cloud Version 2018.1.0
SAP HANA Version 1.00.111 (SPS 11).

The official SAP Analytics Cloud documentation is good and could be found here.
Live Data Connection to SAP HANA

This new CORS setup is really as simple as 1, 2, 3.

  1. Configure HANA HTTPS (SSL)
  2. INA (Information Access)
  3. CORS Configuration

1. Configure HANA HTTPS (SSL)

The Configuration of the SSL certificate is within the Web Dispatcher at


For me that is


Once completed you must be able to access XS classic urls via HTTPS, without any security pop-ups or certificate errors. Usually this is port 4300, if your SAP HANA instance number is 00, but 24 in my case, therefore port 4324.

The full configuration steps for HTTPS are outlined within the SAP HANA help documentation so I won’t repeat those here.

Configure HTTPS (SSL) for Client Application Access


2. Information Access (InA)

Verify InA is installed and you have rights to access this service.


For me that is


The response from InA is in JSON, using a JSON browser extension makes the response more readable.  If InA is not working for you should check the INA package is installed and your user has access to this package via the sap.bc.ina.service.v2.userRole::INA_USER role.

Verify that you can access Metadata via InA


For me that is{%22Metadata%22:{%22Expand%22:[%22Cubes%22]}}


3. CORS Configuration

Be aware the CORS config below needs to be repeated after each and every HANA update, e.g moving from revision 122.12 to 122.15.

Login to your XS (classic) admin site, the URL would be something like


For me that becomes


Verify that Basic Authentication is allowed as below

Configure CORS, with the Allowed Origins, Allowed Headers and Exposed Headers as specified below.

# Allowed Headers
accept authorization content-type x-csrf-token x-request-with x-sap-cid

# Exposed Headers


SAP Analytics Cloud

With the CORS configuration now completed we can establish the Live Direct HANA connection within SAP Analytics Cloud.


To report this post you need to login first.

1 Comment

You must be Logged on to comment or reply to a post.

Leave a Reply