cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ECP OData Service calling SAP Cloud Platform UI5 Application

Go to solution
Former Member

on ‎02-11-2021 11:18 AM

0 Kudos

Hi Experts,

We have requirement to build SCP side-by-side extension to information from ECP.

ECP information exposed as OData service and same service trying to call from SCP Ui5 Application.

Currently we are stuck at ECP service authentication, request getting struck at EC

- ECP system single-sign on with SF EC

- OData service authentication from SF EC SAML

- From SCP request getting blocked at SF SAML and not forwarded to ECP System.

How to handle authentication from ECP on this scenarios. OData Metadata call service response return SAML, not giving metadata. Destination we maintained basis authentication with SF EC User details.

Please share your views/inputs on this issue.

<html><head><meta http-equiv="cache-control" content="no-cache" /><meta http-equiv="pragma" content="no-cache" /></head><body onload="javascript:var url=window.location.hash;if(url&&(0!==url.length)){document.cookie="oucqqrwteywoyfqsoredbozbybouccexzcswxdz_anchor="+escape(url)+"; path=/"}document.forms[0].submit()"><noscript><p><strong>Note:</strong> Since your browser does notsupport JavaScript, you must press the Continuebutton once to</p></noscript><form method="POST" action="https://  <<< URL>>>"><input type="hidden" name="SAMLRequest" value="PHNhbWxwOkF1dGhuUmVxdWVzdCBJRD0iUzAwMTYzZTg2LThmMDItMWVkYi05YjhiLTRjY2U3OWMyNjdkOSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMjEtMDItMTFUMTE6MTU6MDhaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9oY20ycHJldmlldy5zYXBzZi5ldS9zZi9pZHAvU0FNTDIvU1NPL1BPU1QvY29tcGFueS9kd3JjeW1ydWN5RCIgRm9yY2VBdXRobj0iZmFsc2UiIElzUGFzc2l2ZT0iZmFsc2UiIEFzc2VydGlvbkNvbnN1bWVyU2VydmljZVVSTD0iaHR0cHM6Ly9teTAxMDA0NjUucGF5cm9sbC5vbmRlbWFuZC5jb20vc2FwL29wdS9vZGF0YS9zYXAvWlNGX09UX0RFVEFJTFNfU1JWLyRtZXRhZGF0YT9zYXAtbGFuZ3VhZ2U9RU4iIFByb3RvY29sQmluZGluZz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmJpbmRpbmdzOkhUVFAtUE9TVCIgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCI+PHNhbWw6SXNzdWVyIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPlhZVl8xMDA8L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPjxkczpSZWZlcmVuY2UgVVJJPSIjUzAwMTYzZTg2LThmMDItMWVkYi05YjhiLTRjY2U3OWMyNjdkOSI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+V044dUxkZzc4UlVJVXdYNGpndnBXd0V6RmtBPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT5DR01vWjdJZ2R4RXdXcHBXR2E3em5LejA4RTFBK3ArTmcrVUt4ck9QcFpPb0ltb2JZZ1ZWUkVWZmZ5V1NCeWlvRGpqMnNGcm5OTVJ2Cm5tL3o2b2MzMElqQ2FIcDZETEVhNnlrMTh5NUtLa1k1UXhLb3JnWDBkZlphcWpsZys4ODJZVlN1Yk9EZlMzeFZNUjV0aUd0d0xUeHcKdTBGS0FyRUxFZGFKdU1KM29xZTJPbkJFbEZzYndEaDJCcEI4Ky9rdHBmekF5aWZOTGo1Zmlib3RRdktscmg3SmFvZXBQUVo3dU5CeApocHRaRkV1Mk05OGhad0R0UTdTbGliY3IySS9EVkJnWnFnVjlSdW16Tk5tWm9SaEZtWUlXVk9wVTdTa2liVkxrWUFIN1JJYmF0VnJlCjROSWhuZUJkbE9VSkgxVGQ4S3AwUXZydXpuNFlMTy9UZWx5SE13PT08L2RzOlNpZ25hdHVyZVZhbHVlPjwvZHM6U2lnbmF0dXJlPjxzYW1scDpOYW1lSURQb2xpY3kgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDp1bnNwZWNpZmllZCIvPjwvc2FtbHA6QXV0aG5SZXF1ZXN0Pg=="><input type="hidden" name="RelayState" value="oucqqrwteywoyfqsoredbozbybouccexzcswxdz"><noscript><input type="submit" value="Continue"></noscript></form></body></html>

Regards,

Satya.

Show replies
Show replies
swirt
Discoverer
‎11-25-2021 8:30 AM
0 Kudos

Hi Satya,

i'm facing the same issue. Have you found a solution and would kindly share it with me?

Regards

Stanislaw

Answer

Accepted Solutions (1)

Accepted Solutions (1)

Ivan-Mirisola
Product and Topic Expert
Product and Topic Expert
‎05-19-2022 2:33 PM

Hi satyasunilkapagnati,

To access ECP APIs via SAML your BTP has to use the same IdP as your ECP tenant. Once both are authenticating in the same place, your are able to perform SSO using the following destination template:

Name=ECPSamlAssertion
Type=HTTP
URL=https://myXXXXXX-api.s4hana.ondemand.com
Authentication=SAMLAssertion
ProxyType=Internet
audience=https://myXXXXXX.s4hana.ondemand.com
authnContextClassRef=urn:oasis:names:tc:SAML:2.0:ac:classes:X509

If you are using different IdPs, then you can use the following approach:

Make sure you have performed all the required tasks in terms of extensibility in the Extension Center:

https://help.sap.com/docs/SAP_SUCCESSFACTORS_PLATFORM/d4a86924740742048029a71b1d674130/c5d4cd6bbb784...

The above tasks will give you an OAuth2 client that you can use on your destination with authorization type set as either OAuth2JWTBearer OAuth2UserTokenExchange. 

Name=ECPOAuth2
Type=HTTP
ProxyType=Internet
Authentication=OAuth2UserTokenExchange
clientId=<<<Client ID from ECP>>>
ServiceKeyName=<<<Client ID from ECP>>>
tokenServiceURL=https\://myXXXXXX-api.s4hana.ondemand.com/sap/bc/sec/oauth2/token
URL=https\://myXXXXXX-api.s4hana.ondemand.com
Best regards,
Ivan
Show replies
Show replies

Answers (0)

Ask a Question