Technical Articles
Configuring Client ID and Secret on Neo Environment
Environment Scope: Neo
Technical Requirement – Accessing Cloud Integration (CI) APIs through Client ID and Secret (in Neo). There is slight difference in the way we generate these keys in Cloud Foundry environment.
Following below steps we will see an end-to-end scenario.
- Adding new Client ID & Secret
-> Give a name, select subscription from the dropdown, authorization grant type, set password and validity of token
- Adding user
-> Follow the below naming convention to add user (client created in above step) and assign “ESBMessaging” service to send request
Naming convention to follow for user – oauth_client_<client_name>
-> Copy the Token Endpoint to fetch token (this will be used in below step while testing through POSTMAN)
- Create dummy HTTP i-flow in CI
-> Design i-flow (sample flow to test the connection)
-> Set HTTPs endpoint and Body
- Testing HTTPs endpoint through POSTMAN
-> Fetch token https://oauthasservices-<Tenant>.hana.ondemand.com/oauth2/api/v1/token?grant_type=client_credentials
-> Send request to HTTPs endpoint configured above (i-flow).
-> Select Authorization as No Auth
-> Add Header as Authorization (with Value – Bearer <Token generated above>
We have seen an end-to-end scenario, starting with configuring token (Client ID and Secret) and further, used the same to access CI HTTPs end point.
Any question or feedback will be appreciated!
Thanks for sharing kris, really helpful 🙂 .
I have one query regarding subscription option we have two options in subscription while creating client one is iflmap and another one is iftmn.. differnce between ... is iftmn for whole tenant subscription kind of?
Br,
Rizu.
Hello Rizu,
TMN -> Ensures Worker nodes are up and running, Development
IFLMAP (Worker node) -> Responsible for message processing
Ref - https://blogs.sap.com/2015/01/13/landscape-components-of-hci-pi/
Regards,
Kris
Hi,
Thanks for your blog.
I have followed all the above mentioned steps. I am able to generate bearer token. However when accessing end point of iflow, getting the "403-Forbiddent" error.
Best Regards,
Dheeraj
Hi Kris,
Even I am getting "403 forbidden" error while connecting to CPI endpoint. From Postman we are able to fetch the Token but while using that token we are getting 403 Forbidden.
Can you please help us here.
Thanks in advance!
Gaurav Agarwal
Hi,
The CPI endpoint is working from the browser. It works from Postman sometimes but often gives error 403 forbidden in the Postman.
Can anyone help us here?
Thanks in advance.
Regards,
Nilesh