Skip to Content
Technical Articles

How to test OData Services registered in SAP Cloud Platform Extension Factory, serverless runtime

In the blog post SAP Cloud Platform Extension Factory now includes OData Provisioning service (Cloud Foundry) we have seen how you could register an OData service from a Business Suite system. Now let us continue from there and see how to test the registered service via Postman.


Step 1: Create an instance of “Authorization and Trust Management (XSUAA)” application plan

  • Go to Sub-account where Extension Center is subscribed → Subscriptions → Extension Center → Role Templates → Note the Scope references for the role ODPAPIAccess.
    This will be used in the field “XSAPP Name” while creating the xs-security.json in the next steps. You may refer the help documentation for more information on Application Security Descriptor Configuration.
  • Create xs-security.json as below
	"xsappname": "<Instance Name>",
	"tenant-mode": "dedicated",
	"foreign-scope-references": ["<XSAPP Name>.ODPAPIAccess"],	
	"oauth2-configuration": {
		"token-validity": 900,
		"refresh-token-validity": 604800
  • Create an instance of “XSUAA” application plan in the space which is under the org where Extension Center is subscribed, using the below command
cf cs xsuaa application <Instance Name> -c xs-security.json


Step 2: Create a service-key for “XSUAA” instance created in Step 1

  • Create a service-key for the “XSUAA” instance created in Step 1
cf create-service-key <Instance Name> <Service Key Name>
  • Get the details of the service-key
cf service-key <Instance Name> <Service Key Name>
  • Note the fields “url”, “clientid” and “clientsecret” secret in the above Service Key

Step 3: Get the OAuth2 Bearer token via password grant flow

In Postman execute a POST request on the below URL with Basic Authentication

https://<Authentication End point>/oauth/token?grant_type=password&response_type=token&username=<Business User>&password=<Password>

  • Pass the authentication as Basic Authentication with Username = “clientid” and Password = “clientsecret”
  • Authentication End point = “url” from the service key
  • Business User = Email ID of the user which has been assigned the role ODPAPIAccess
  • Password = Password of the Business User

Note the field “access_token” from the response.


Step 4: Execute OData Service Runtime

Note the Service URL of the OData Service from the Extension Center

Enter GET on the “Service URL” in Postman with authentication as Bearer Token.

Bearer Token = “access_token” noted from Step 3.

The response will contain the Service Document of the registered service.


Now that the authentication is successful and you are able to successfully get the response for the Service Document of the registered service, you may proceed with testing of other OData operations (for e.g. GET, POST, PUT, DELETE etc.) on the service.

1 Comment
You must be Logged on to comment or reply to a post.