Technical Articles
SAP Commissions Rest API JWT authentication from SAP Advanced Workflow
1 – Introduction
The SAP Commissions REST API allows 2 types or authentications:
- Basic Authentication
- JWT Token Authentication
And from SAP Workflow you can choose what type of authentication you want to use for your project.
This post will give you an overview and a detailed explanation about how SAP Commissions Rest API JWT Authentication can be used from your SAP Advanced Workflow project when you require an integration with Commissions application.
2 – Login to Sales Performance Home
To be able to apply what is explained in this blog you will need to have Administration permissions in SAP Sales Performance Portal, Commissions and Advanced Workflow.
First, you need to login with your Administrator user to Sales Performance Portal:
Sales Performance Home Page
2 – Workflow Home Page
From here click the Workflow link in the Applications menu:
Workflow Menu
This will take you to the Workflow Home Page:
Workflow Home Page
3 – Create your new Key Pair
First thing you need to do is create a new Key Pair from Workflow:
- Go to Setup > Development > Key Pairs
- Click on Add New
- Enter a Key Pair Alias (required) (i.e.: public_jwt_key.pub)
- Click on Save to save the new Key Pair
Key Pair
4 – Create a new Public Key file
Now that you created the Key Pair in Workflow you need to create a Public Key file (with *.pub extension):
- File Name: (i.e.: public_jwt_key.pub)
- File Content: <<Copy the Key Pair that you created before from Workflow>>
5 – Create a new COMP Admin User
After you have created your new Public Key file now you need to create the COMP Admin user that you will use for the JWT authentication:
- Go back to Commissions application
- Go to Security > Users
- Create a new user
- Assign the Administrator role
- Save your changes
Create a COMP Admin User
6 – Set up the Authentication Type
Once you have created your new COMP Admin User you need to change the Authentication Type for this new user to “JWT Authentication” and upload the Public Key file created before:
- Go back to Sales Performance Home
- Go to User Administration > Users
- Find the user created before
- Click on Manage User Data tab
- Select Authentication type: JWT Authentication
- Upload Public Key File (use the file created before)
- Save your changes
Set up JWT Authentication Type
7 – Create a Workflow Groovy script
Finally and after you created the COMP Admin user with the JWT Authentication type now you can create a new Workflow Groovy script to test the authentication using a JWT token instead of the Basic authentication type:
-
- Go back to Workflow
- Go to Setup > Development > Scripts
- Create a new Script with the following content:
def headers = new HashMap() headers.put('Content-Type', 'application/json') headers.put('Domain', 'XXXX') //Your domain or tenant (i.e. 1234) def url = 'https://XXXX.callidusondemand.com/CallidusPortal/services/Authentication/isAuthenticated' def payload = new HashMap() payload.put('aud', url) payload.put('sub','JWTRestAPIUser') //Your user Id def httpClient = resp.createHttpClient() def jwt = httpClient.generateJwtToken('public_jwt_key.pub', payload) //The Key Pair Name def authHeader = 'Bearer '+ jwt headers.put('Authorization', authHeader) def response = httpClient.executeHttpGet(url, headers) out << "Token Authentication: " + response.getContent()
- Validate your script
- The authentication is successful if you get this output message:
Token Authentication: {}
- The authentication is unsuccessful if you get this output message:
Token Authentication: com.callidus.ws.exception.UserAuthenticationException
Workflow Groovy Script
8 – Conclusion
From SAP Advanced Workflow you can create scripts to integrate with SAP Commissions using the Commissions REST API and you can select what type of authentication you prefer to use.
If you choose JWT Authentication this blog can help you with all the needed configuration and it shows you a script that you can use for your testing.
More information about the SAP Commissions REST APIs can be found in this link:
https://[TENANT].callidusondemand.com/APIDocument/
where [TENANT] is your tenant id.
You can also find additional information about SAP Advanced Workflow under this other link:
https://help.sap.com/viewer/product/Advanced_Workflow/
Great Article Raul Corrales Segura !
Keep writing many more to make the Advanced Workflow product great...