Skip to Content
Technical Articles
Author's profile photo Kris Chau

Configuring Client ID and Secret on Neo Environment

Environment Scope: Neo

Technical Requirement – Accessing Cloud Integration (CI) APIs through Client ID and Secret (in Neo). There is slight difference in the way we generate these keys in Cloud Foundry environment.

Following below steps we will see an end-to-end scenario.

  • What will we do here?
    • Adding new Client ID & Secret
    • Adding user
    • Creating dummy HTTPs i-flow in CI
    • Testing HTTPs endpoint through POSTMAN

 

  • Adding new Client ID & Secret

 -> Go to -> Security -> OAuth and register new client

 

-> Give a name, select subscription from the dropdown, authorization grant type, set password and validity of token

  • Adding user

-> Follow the below naming convention to add user (client created in above step) and assign “ESBMessaging” service to send request

Naming convention to follow for user – oauth_client_<client_name>

 

-> Copy the Token Endpoint to fetch token (this will be used in below step while testing through POSTMAN)

 

  • Create dummy HTTP i-flow in CI

-> Design i-flow (sample flow to test the connection)

 

-> Set HTTPs endpoint and Body

 

  • Testing HTTPs endpoint through POSTMAN

-> Fetch token  https://oauthasservices-<Tenant>.hana.ondemand.com/oauth2/api/v1/token?grant_type=client_credentials

-> Select BASIC as Authorization. Pass the secret key generated above.

 

-> Send request to HTTPs endpoint configured above (i-flow).

-> Select Authorization as No Auth

-> Add Header as Authorization (with Value – Bearer <Token generated above>

 

 

We have seen an end-to-end scenario, starting with configuring token (Client ID and Secret) and further, used the same to access CI HTTPs end point.

Any question or feedback will be appreciated!

Assigned Tags

      5 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Rizu Yadav
      Rizu Yadav

      Thanks for sharing kris, really helpful 🙂 .

      I have one query regarding subscription option we have two options in subscription while creating client one is iflmap and another one is iftmn.. differnce between ... is iftmn for whole tenant subscription kind of?

      Br,

      Rizu.

      Author's profile photo Kris Chau
      Kris Chau
      Blog Post Author

      Hello Rizu,

      TMN -> Ensures Worker nodes are up and running, Development
      IFLMAP (Worker node) -> Responsible for message processing

      Ref - https://blogs.sap.com/2015/01/13/landscape-components-of-hci-pi/

      Regards,

      Kris

      Author's profile photo Dheeraj Gupta
      Dheeraj Gupta

      Hi,

      Thanks for your blog.

       

      I have followed all the above mentioned steps. I am able to generate bearer token. However when accessing end point of iflow, getting the "403-Forbiddent" error.

       

      Best Regards,

      Dheeraj

      Author's profile photo Gaurav Agarwal
      Gaurav Agarwal

      Hi Kris,

      Even I am getting "403 forbidden" error while connecting to CPI endpoint. From Postman we are able to fetch the Token but while using that token we are getting 403 Forbidden.

      Can you please help us here.

      Thanks in advance!

      Gaurav Agarwal

      Author's profile photo Nilesh Bhayani
      Nilesh Bhayani

      Hi,

      The CPI endpoint is working from the browser. It works from Postman sometimes but often gives error 403 forbidden in the Postman.

      Can anyone help us here?

      Thanks in advance.

      Regards,

      Nilesh