03-22-2024 8:34 AM - edited 03-22-2024 8:35 AM
Hi experts,
I want to use SAP S/4 Hana Cloud APIs and have them called from a 3rd Party application / website etc. So, I have set up the S4HC Communication Arrangements etc and found the APIs to use and just using POSTMAN I have used Basic authorization to just check if these are the ones needed. But there is a need to use OAuth 2.0 for better security.
I have read the blog Maintain Assignment of Document Info Record to Mai... - SAP Community
and although I can get an OAUTH2 Token via POSTMAN as described in that that blog it would NOT be practical if I wanted a 3rd Party application to call the APIs - as the Token access requires a scope approval popup from S4HC.
I have read the document https://help.sap.com/doc/6ce62b6bdda340ffbeae3f138c3cb71b/SHIP/en-US/Set_Up_Authentication_for_SAP_S... which lists all available ways to Authenticate to SAP S/4HANA Cloud.
But I still do not know of the way that a 3rd Party application could call my APIs via OAUTH - that guide seems to be talking about SAP BTP but we don't have the API management part turned on - is there another way that just involves S4HC without all that mucking about with scope approval popups etc. ?
Can anybody give me some guides on how to do this more effectively.
By the way we only have a 2 tier SAP landscape with QAS and PROD (so no DEV 🙄) and we only have SAP BTP Integration Suite and do not have the API Management part of BTP (for financial reasons no doubt 🤑).
Thanks
Hi Peter,
I don't have the exact answer, but technically, I believe the authentication happens in the identity provider, not S/4HANA Cloud.
Are you using SAP Cloud Identity for your provider?
I would investigate the possibility to generate the credentials in your Cloud Identity and then setup your communication system with those and your 3rd party app.
Thank you
Jerry
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Jerry
we are using SAP Cloud Identity Services as our IAS. We have Microsoft Azure > SAP Cloud Identity Services > S4HC.
I had set up all the required communication arrangement details and it works - except that the popups for scope would not be acceptable for a 3rd Party application that want to call our S4HC APIs.
on that link that you sent me what do they mean by subject_token and how do I obtain one of those ? Do you know?
Also
Our S4HC URL is https://my<number>.s4hana.ondemand.com/
are they also suggesting to obtain a token you use https://my<number>.s4hana.ondemand.com/oauth2/token..... and that you also repeat the client_id and secret not only in the request parameters but also in the authenication header.
User | Count |
---|---|
104 | |
12 | |
11 | |
6 | |
5 | |
4 | |
3 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.