Using Postman For OData / Netweaver Gateway Testing CRUD Methods
If you have ever used an inbuilt gateway client in SAP for testing your OData services, you must have wondered, isn’t there a better & more effective tool to do this testing. Something that gives users an options not to memorize multiple Parameters or group their requests in folders – so that next time when they resume testing, it should start from where they left.
To solve most of these problems, we can make use of a lightweight Open Source Tool called Postman. As per official documentation, “Postman is a tool to design, build, and test APIs”.
Enough of the theory , lets dive in to the Tool.
- Go to https://www.postman.com/to download and install Postman on your machine.
- Once the Postman is installed, you will get the below screen once you open it
- There are multiple options as you can see in the screenshot, but let us only concentrate on the “GET” icon – Request. Click on “GET”.
- Once you do that, you get another popup (gosh again!)
- It prompts you to enter a request name and create a collection. (Screen shot below)
- Collection – Collection refers to a group of request (GET, POST, and PUT etc. etc.)
- Collections are particularly useful when you are testing say for different OData Services at a time, segregating them into different collections can help you test in a much efficient / cleaner way.
- Create a collection and Name a Request, Let’s say for example, Get is my Request name and Project1 is my collection. Press “Save” to the save the request into collection.
- You will get the below screen (see my comments in red, describing the screen)
- As our request name is “Get”, let us start with a GET request.
- In SAP, Gateway Client – (/IWFND/GW_CLIENT), we get the below screen with the URL if we want to test a service.
- URL- /sap/opu/odata/sap/ZABHIODATALEARN_SRV/POHeaderSet
- Let us use this URL in Postman and see what happens. Whoa! There is no response.
- Why? It is because Postman doesn’t know which HTTP address this service lies at. Each service has to be in a server. When we use Gateway Client on SAP, we are using SAP’s server by default. Therefore, we need to tell Postman the exact address where our service resides. (Just like you write your entire address on a letter, with the Pin Code).
- Now if you are not aware of the HTTP address of your server, follow the below steps to get it.
- Open T-Code – SMICM – > in the menu Go To-> Service. Note the HTTP Port Name and Host name. Ping the host name in Command Prompt to get the IP address. Or Just open your SAP logon pad and note the application server details for the system you are using.
- So , now our URL should be like below
- In this case its
- Let’s use this URL now to query in Postman. However, before that we need to provide our authentication details in the query so that the server allows us to query the service.
- To do so, click on the Authorization Tab, Choose “Basic Auth” from Type and enter your username and password for the SAP system you are connecting. Give the URL that we generated just now and Press Send.
- Hurray! We now see data in the response in XML format!!
- I don’t like seeing XML, its looks rather clumsy!
- Let’s add some parameters to get data in JSON format.
- Go to the “Params” tab and add a $format = json filter as shown in below screenshot.
- The Params tab allows adding different parameters without having to worry about concatenating them properly.
- Let’s add another parameter, $Filter. If you see closely, once you add the parameters in the Params tab, they are auto added into the URL.
- Let’s Press Send and see results. We have the data in JSON format and the filter works too.
- Let us check the final part for GET requests.
- When using GET we can fetch the X-CSRF-TOKEN to use for POST and PUT statements from POSTMAN.
- X-CSRF-TOKEN is an identifier SAP sends for Cross Site Forgery Protection. In simple terms, it is a token to say that you are allowed to update into SAP.
- Go to the headers tab in GET request and add a header X-CSRF-TOKEN and value as fetch.
- Press Send, the response Header now contains an X-CSRF-TOKEN sent by SAP that is valid for generally 24 hours and is unique for your id.
- Now, we know how the GET request works in POSTMAN. Let us see how to use PUT and POST in Postman.
- Create a new request, the same popup comes to enter request name and add that into a collection.
- Name this request as Post and add it into the collection created from previous step.
- Change the type of this Request to POST from the dropdown.
- Go to Authorization tab , select Basic Auth and enter your username and password for the SAP System
- We have fetched the X-CSRF-TOKEN in the GET request; add this fetched token into the header as shown below.
- Give the URL for post ( we learnt how to create this if we don’t know the server details)
- The request details for Post are sent in the body of the request. Go to the Body tab and copy the response from GET request into the body of the POST request.
- Select “raw” button and paste the xml. Edit your values and Press “Send” to see what happens.
- The Item is created in the table and you get a 201-status code. Go ahead and verify if the data is inserted in your table.
- The process for PUT request remains the same, just change the POST request to PUT when creating a new request.
- Provide the URL for PUT with the key to update and press send.
- A status code 204 indicates update was performed. Verify your details in the table.
- Create a new request, same steps as before.
- Change the type to DELETE, input the URL, and add the authorization details.
- Add the X-CSRF-TOKEN fetched from a GET request.
- Press Send. A 204 HTTP Status code indicates that delete was successful.
- Verify the details in the system.
- The document shows testing all the four CRUD methods through Postman Tool that is a more user-friendly way of testing OData services.
- Again, Postman is a highly efficient tool that allows for collaboration with multiple team members. You can research more on this based on your need.
- Hope this document was useful to you!
I entered the URL, added my correct user ID and password, but always just get "401 Unauthorized".
From the gateway I can execute it.
Do you have an idea what can be the problem?
(I am connected to the company intranet via VPN).
If you are have entered the correct SAP User name and password it should work with Basic Auth. Anyways let me check some more and get back to you.
I am also with same setup and problem.
very very helpful information. Thanks Abhilash .
Glad you found this useful ! Stay Safe !
Same here, facing 401 auth issues.
Hi, I am trying to test xsodata for POST method but I am not getting x-csrf-token, in GET request even though i have mentioned it same like you
Hi Abhilash Pradhan,
Thank you for your post!
May I know how to specify the client of SAP system?
I have 2 clients for a single system, In my case, both clients have the same host and port so every time getting a response from another that I not needed.