Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Using OAuth2 to retrieve a valid API access token

Go to solution
Former Member

‎2019 Dec 18 7:33 AM

0 Likes
6,642

Hello Experts,

We have an existing report which sends our data to external through Restful request. In which the static API-key for API authentication is used. Now we have to replace this Authentication process with OAuth2 client credential flow.

Please assist me the class/method used or any sample code for obtaining and handling the access tokens. I have gone through the SAP documents but not clear about the class/methods to be used. Also kindly let me know if any configurations required to be done. If any, then how to check if the configuration already exists in the system or not.

Thanks and Regards,

Arunagiri.

1 ACCEPTED SOLUTION
Read only

Go to solution
Tomas_Buryanek
Product and Topic Expert
Product and Topic Expert

‎2019 Dec 18 9:05 AM

3,663

I had same problem and ended up doing it manually (developed it myself). I could not make the "OAuth 2.0 Client for AS ABAP" work. By the way I think there is some OAuth 2.0 support in SAP PI if you have it you can try it.

Manual (program) steps like this:

  • First HTTP call to retreive OAuth 2.0 token (save token + its valid period). In future token calls I am checking if it is still valid and either use valid one or do HTTP call to get a new one.
  • Second HTTP call is your REST request, where you put token in the HTTP header field. Similar like your static API-key.

EDIT: you might need more calls then just one "get token", depending on how is the third party implementing the OAuth flow.

-- Tomas --
11 REPLIES 11
Read only

Go to solution
Tomas_Buryanek
Product and Topic Expert
Product and Topic Expert

‎2019 Dec 18 9:05 AM

3,664

I had same problem and ended up doing it manually (developed it myself). I could not make the "OAuth 2.0 Client for AS ABAP" work. By the way I think there is some OAuth 2.0 support in SAP PI if you have it you can try it.

Manual (program) steps like this:

  • First HTTP call to retreive OAuth 2.0 token (save token + its valid period). In future token calls I am checking if it is still valid and either use valid one or do HTTP call to get a new one.
  • Second HTTP call is your REST request, where you put token in the HTTP header field. Similar like your static API-key.

EDIT: you might need more calls then just one "get token", depending on how is the third party implementing the OAuth flow.

-- Tomas --
Read only

Go to solution
Former Member

‎2019 Dec 18 9:32 AM

0 Likes
3,663

Hi Tomas,

Could you please elaborate the manual step which you have used in your scenario?

In the First HTTP call - Which class/method is used to retrieve the OAuth2 token? as we need to pass the client_id, client_secret and grant_type to fetch the token.

Thanks and Regards,

Arunagiri.

Read only

Go to solution
Tomas_Buryanek
Product and Topic Expert
Product and Topic Expert
In response to Former Member

‎2019 Dec 18 9:46 AM

3,663

Hello,
which class/method are you using for your current rest request? I used cl_http_client class.
Passing grant_type + authorization example:

lo_http->request->set_form_field(
   EXPORTING name  = 'grant_type'
             value = 'xyz' ). "your grant_type

lo_http->request->set_header_field(
   EXPORTING name  = 'Authorization'
             value = 'xyz' ). "your authorization (probably "Basic" + Base64 client id+secret value)
-- Tomas --
Read only

Go to solution
Former Member

‎2019 Dec 18 10:29 AM

0 Likes
3,663

Hi Tomas,

We are using the same Cl_http_client.

I will refer your code but where do we receive the OAuth2 Token after we set the credentials/grant type using the lo_http->request->set_form_field().

So as per your logic:

First HTTP Call:

http_client->request->set_form_fields( fields = lt_credential multivalue = lv_value ).

lt_credential will have the client_id and grant_type.

Second HTTP call:

we have to pass the access token in the below method?

http_client->request->set_header_field( name = 'Authorization' value = Access-token ).

Please make me clear.

Thanks and Regards,

Arunagiri.

Read only

Go to solution
Tomas_Buryanek
Product and Topic Expert
Product and Topic Expert
In response to Former Member

‎2019 Dec 18 10:52 AM

3,663

No you got it wrong. set_form_fields or set_header_field is not HTTP call.

I suggest you to study a little bit about basics of HTTP communication (request method, header fields, form fields, request body, response body, response header fields...) - when you will understand these things, then you will be ready to work with cl_http_client which is straightforward about this.

Also it is good to first try any kind of HTTP requests in POSTman or some similar HTTP client. And then when you make it work you can replicate it in ABAP.

-- Tomas --
Read only

Go to solution
Sandra_Rossi
Active Contributor
In response to Former Member

‎2019 Dec 18 12:29 PM

0 Likes
3,663

Please use the COMMENT button for comments, questions, adding details, etc., ANSWER is only to propose a solution, dixit SAP text at the right of the answer area. At the same time, the person will be informed of your comment (currently not).

Read only

Go to solution
former_member322405
Explorer
In response to Former Member

‎2021 Jan 26 2:07 AM

0 Likes
3,663

Hi, I tried to use set_form_field and I also added the certifications to strust, but I am getting error code 407, SSL handshake with authentication xxxxxxxxx SSSLERR_NO_SSL_RESPONSE (-75)#Server did not respond with SSL/TLS protocol. I tested same call in postman and it did work. Please let me know if you have any recommendations on areas I should look next.

Regards, Marta

Read only

Go to solution
Tomas_Buryanek
Product and Topic Expert
Product and Topic Expert
In response to Former Member

‎2021 Jan 26 2:59 PM

0 Likes
3,663

marta.miyazaki2 are you 100% sure that you have used correct SSL certificate?
(be careful if your company/VPN is using any king of proxy or something, which can alter the SSL)
Also check where exactly did you placed the certificate in the STRUST. There are multiple clients (folders) and maybe you use different client in your HTTP call.

-- Tomas --
Read only

Go to solution
former_member322405
Explorer
In response to Former Member

‎2021 Jan 31 3:26 PM

0 Likes
3,663

Hi Tomas,

Yes, I downloaded the certification from all levels and loaded into STRUST SSL_server_standard. I also tried as Anonymous, by passing ssl_id = 'ANONYM' after loading in strust SSL client SSL Client (Anonymous) and I got same error. I am reading now around OAUTH to see if that works, but so far no luck

Read only

Go to solution
Former Member

‎2020 Jul 13 10:46 AM

0 Likes
3,663

Hi arunagiri.a

Is your issue solved?

Read only

Go to solution
maheshboby63
Newcomer

‎2021 Jan 20 7:27 AM

0 Likes
3,663

Hi arunagiri.a,

I am trying to generate a access token to upload data to the cloud. Can you please help me by providing the steps to generate the oauth token using abap code.

thanks in advance