SCPI Sender – Certificate-to-User Mapping with SAP Passport
In this use case, I prepared easy step-by-step guide, how to use SAP passport to trigger iFlow in your SCPI tenant. To test, you will call this iFlow from POSTMAN.
- Admin user for your SCPI tenant – to assign authorizations
- Access to SAP Support Launchpad
1. Get SAP Passport (.pfx and .cer)
- Open: https://launchpad.support.sap.com/ and login with your S-User.
- Find Tile: SAP Passport – Enable Single Sign-On
- Insert logon password and click on “Apply for SAP Passport”.
- In the pop-up fill any password to protect your certificate.
- Download the SAP Passport (.pfx).
- Double click on .pfx file and import to your computer using windows wizard.
- When imported, one way to export certificate is to open Chrome browser, Go to settings -Privacy and Security – Security – Manage certificates.
- Choose the one you want to export and click export. Export Base-64 encoded X.509 (.CER) file to your computer. This file will be used when triggering iFlow.
2. Open BTP account and assign Authorization to your S-user
In BTP – assign role ESBMessaging.send to your S-user (Neo Environment)
3. In SCPI create Certificate-to-User Mapping and Deploy iFlow
In SCPI – Go to monitor tab and select tile Certificate-to-User Mappings. Click add and fill user Id and select .cer file with your certificate.
Configure Sender in your iFlow and deploy:
4. Trigger this endpoint from POSTMAN:
Open settings – Certificates – Add Certificate:
Send GET request to your SCPI iFlow: