Skip to Content
Technical Articles

PI REST Adapter: Connect to BW/4HANA using X-CSRF-Token

This blog post is the continuation of a blog post which shows configuration about PI / CPI Integration with SAP BW/4HANA. You can find also some sample scenarios to make it easier for you to understand how you can achieve the integration between PI REST Adapter and SAP BW/4HANA.

 

The current blog post describes how to connect to SAP BW/4HANA via its XSRF protected REST API. In order to do so you need first to authenticate to the security policy domain and pass an HTTP header “X-CSRF-Token” with the value ‘Fetch’. If the authentication is successful the server generates a token, stores it in the user’s session table, and sends the value in the X-CSRF-Token HTTP response header. For each call in this session, the REST Adapter should send the token value obtained from the X-CSRF-Token HTTP header.  As of release 7.50 SP15 the REST Adapter supports the configuration of XSRF protected REST API’s (see SAP Note 2757524). In this blog post I will describe how to configure such a scenario for connecting to the SAP BW/4HANA REST API.

 

Prerequisites

 

From SAP BW/4HANA 2.0 Interface you need to take three URI’s:

  1. Get Structure URI, which will give you the XSD schema of the DataStore Object
  2. Get CSRF Token URI, it may be the same which gives you the XSD schema
  3. Send Data URI, which is the actual URI where you will use to PUSH data into a DataStore Object

and for each URI the corresponding HTTP method.

You need to have username and password for the SAP BW/4HANA 2.0 interface for a user which has rights to request the XSD schema and the XSRF token.

 

Preparation

 

Firstly you should extract the XSD schema of the DataStore Object.

For this, you can use the Advanced REST Client Application in your Google Chrome browser or simply use your browser. Access the URL for the XSD schema using your credentials and save the result xsd (xml) file on your file system. Make sure that you are using the correct Content-type header (application/xml) otherwise you can get the JSON Schema which cannot be applied in the PI ESR.

 

Importing the XSD schema to ESR

 

Open your Enterprise Service Browser in the SAP Process Integration Designer. Go to the correspondent Software Component of your scenario, open the namespace tree and click with right button on the “External Definitions”. Select “Import External Definition”.

In the new window, add the XSD file from previous step and press next.

Now you have imported the Data Objects and can apply any mappings by your needs.

 

Configuring the REST receiver channel

 

You would like to access the SAP BW/4HANA Rest API. Create a new Integration Flow with Receiver channel of type REST. Select the receiver channel and switch to tab REST URL below tab Adapter-Specific. Maintain the URL pattern, use the given URL for Send Data.

As mentioned above, this service is XSRF protected, so next step is to configure usage of XSRF Token.

Switch to tab General below tab Adapter-Specific and check flag Use Basic Authentication. Here you should fill the information about the user and password for connection to the XSRF protected service.

Afterwards check the flag Use XSRF token. On this step you have to select the HTTP Operation which should be used for extracting the token. This information you should already have as per the section Prerequisites. In the drop down you will find the following non-modifying HTTP Operations:

  • GET
  • OPTIONS
  • HEAD

Next required field is the XSRF Token URL which should be filled manually. Or if it is the same URL from tab REST URL you can check the flag “Use resource URL from tab ‘REST URL'”.

Switch to tab REST Operation and select for Value Source: Manual Value and under Static Value: select the required HTTP method for the Sent Data URI.

 

 

I hope this blog post was helpful to understand how to configure your REST Receiver channel in order to connect with SAP BW/4HANA XSRF protected service. If you like to learn more, check out the other blog posts accessible from the main blog post Data Integration with SAP BW/4HANA 2.0.

 

12 Comments
You must be Logged on to comment or reply to a post.
  • Hallo Nadezhda

    While maintain the URL pattern for sending data, do we have to maintain the URL with the parameter?

    For example:    /sap/bw4/v1/push/dataStores/XXXX/dataSend?request

    I tried both the variations (with & without) parameter, but I am still getting Internal Server Error. The first URL to get the Token seems to work (getting HTTP 200 fromBW4HANA) but the second URL (DataSend) return HTTP 500 Internal Server error.

    I have tried to setup the REST Receiver Channel as you explained in the blog.

    Is there any customizing (or prerequisite) from the BW4HANA still missing in the blog?

     

    Best Regards

    Satishkumar Dhamodharam.

  • Hallo Nadezhda,

    we are trying to implement the described scenario, but our pi is not reaching backend bw. Error is HTTP XSRF TOKEN REQUEST HAS FAILED  -> connection timed out.

    We checked if we can connect bw system from pi with telnet and it works.

    Questions:

    • Which url from bw is the right one to put into the PI-REST-Adapter  (Tab REST URL)
    • Where can get the right operation type for this url
    • Where can i find the url for the token and the right operation type
    • Which rights(roles) must be assigned to the user

    Thank you for your support.

    Best regards

    Jürg Aebersold

     

     

     

  • Did anyone have this working SOlution in SAP PO to use XSRF Token to call an API on S4?

    I am unable to get any success. ANy pointer will be highly appreciated.

     

    Regards

    Anand

  • Hello,

     

    nice blog, but in the past it was possible and very easy via an ABAP Proxy to write data im multiple different DataSources in "one" transaction. So If there was a problem the hole "PI Message" was not written and the hole "Message" could be repeated.

    How can we achive this in future ?

     

    Thank you

  • Hello,

     

    another question is:

    Now we use ABAP Proxy (outbound) via SAP PI/PO to connect external systems.

    How would this work on SAP BW4/HANA (in the cloud) ?

    (Reverse Proxy would be available/CPI or Integration Suite not jet available)  ?

    Thank you

     

    Regards

     

  • Can you explain how you can "Get Structure URI, which will give you the XSD schema of the DataStore Object"? That is the critical and for this blog to work.

    Thanks Jonathan