Token-based authentication is essential for several reasons, especially with today's SAP BTP integrations and SAP Build for web and mobile applications. Here are some key benefits:
Security: Tokens are more secure than traditional session-based authentication. They are typically short-lived and can be easily revoked if compromised. This reduces the risk of unauthorized access.
Scalability: Token-based authentication is stateless, meaning the server does not need to store session information. This makes it easier to scale applications horizontally, as each request is self-contained.
Flexibility: Tokens can be used across different domains and services, enabling single sign-on (SSO) and integration with third-party services. This is particularly useful in microservices architectures.
Performance: Since tokens are self-contained and do not require server-side session storage, they can improve the performance of your application by reducing the load on the server.
User Experience: Tokens can be stored on the client side (e.g., in local storage or cookies), allowing users to remain authenticated across multiple sessions and devices without needing to log in repeatedly.
SAP Build Apps, Side-by-Side Extensions and API Integration: Token-based authentication is well suited to business use cases such as designing extensions for web applications, mobile applications and APIs, where maintaining server-side sessions is impractical. Tokens can be easily included in HTTP headers for secure communication.
Note: SSC V2 currently supports only REST. No OData APIs exist today.
SAP Sales Cloud and SAP Service Cloud Version 2 - API Documentation
The template below is ready to use in Visual Studio Code with the REST Client extension enabled. Just copy it into a file named api.http.
@url = https://XXXXXX.de1.demo.crm.cloud.sap
@user = XXXXXXXXX
@password = XXXXXXXXXX
###
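# Name the request "login" so that its response can be referenced below
# @name login
GET {{url}}/sap/c4c/api/v1/iam-service/token
Content-Type: application/json
Authorization: Basic {{user}}:{{password}}

# Access token taken from the login response
@accessToken = {{login.response.body.value.access_token}}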
###
GET {{url}}/auth/token?grant_type=refresh_token
Content-Type: application/json
Authorization: Bearer {{accessToken}}
###
GET {{url}}/sap/c4c/api/v1/iam-service/users?$top=15&$skip=0
Content-Type: application/json
Authorization: Bearer {{accessToken}}
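
The same login and users calls outside the REST Client, as an added Python example that is not part of the original post. REST Client Base64-encodes `user:password` for you, while other HTTP clients need it done explicitly. The environment variable names, the injectable `send` transport and the HTTPS check are assumptions of this example; the paths and the `value.access_token` field come from the template above.

```python
import base64, json, os, urllib.request
from urllib.parse import urlsplit

TOKEN_PATH = "/sap/c4c/api/v1/iam-service/token"          # from the template
USERS_PATH = "/sap/c4c/api/v1/iam-service/users?$top=15&$skip=0"

def basic_header(user, password):
    """RFC 7617 Basic scheme: 'Basic ' + base64('user:password')."""
    raw = f"{user}:{password}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def http_get(url, headers):
    """Default transport: GET the URL and return the decoded JSON body."""
    req = urllib.request.Request(url, headers=headers, method="GET")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def require_https(base_url):
    """Credentials and tokens must never leave over cleartext HTTP."""
    if urlsplit(base_url).scheme != "https":
        raise ValueError("refusing to send credentials over a non-HTTPS URL")
    return base_url.rstrip("/")

def fetch_token(base_url, user, password, send=http_get):
    """Exchange Basic credentials for an access token (the 'login' request)."""
    body = send(require_https(base_url) + TOKEN_PATH,
                {"Content-Type": "application/json",
                 "Authorization": basic_header(user, password)})
    token = (body.get("value") or {}).get("access_token")
    if not token:
        raise RuntimeError("token response has no value.access_token")
    return token

def list_users(base_url, token, send=http_get):
    """Call the users endpoint with the token as a Bearer credential."""
    return send(require_https(base_url) + USERS_PATH,
                {"Content-Type": "application/json",
                 "Authorization": f"Bearer {token}"})

if __name__ == "__main__":
    # Assumed variable names; reading them from the environment keeps the
    # password out of files that end up in version control.
    url = os.environ["SSC_URL"]
    token = fetch_token(url, os.environ["SSC_USER"], os.environ["SSC_PASSWORD"])
    print(json.dumps(list_users(url, token), indent=2))
```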
Kindly share this blog with all your colleagues who can benefit from it.