on 2023 Dec 20 12:01 PM
Hello,
I'm building an extension application for FSM.
This application is hosted without authorization on SAP Cloud Foundry (Build Workzone).
In this application we call FSM api's to retrieve data.
Calls to the FSM Query API (https://eu.coresuite.com/api/) are working well.
This due to the "Access-Control-Allow-Origin: * " header.
For our usecase we try to retrieve timeslots for an actvity.
https://eu.coresystems.net/optimization/api/v3/job-slots/actions/search
This api does not return the "Access-Control-Allow-Origin" header.
Therefor causing a CORS error.
Due to not being authorized in the application we are not able to use SAP BTP Destination services.
We get 401 - not authorized.
For SAP CPI we also need a SAP User with proper roles.
We are looking for advise for the best solution for this usecase.
Maybe functionally there is another API in FSM to retrieve timeslots?
Or maybe we need to build a CAP project as reverse proxy?
Thanks in advance
Patrick Simons
Request clarification before answering.
Hello Patrick, thanks for your question. My team handles the /job-slots/actions/search API and I would like to support you here. Couple of questions:
CC: jose.cortes
Thank You,
Nikhil
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Nikhil,
Thanks for your response and thoughts for a solution.
1.a The customer uses FSM (Corsesystems) and uses SAP BTP. Therefore SAP BTP (CF) seems like the most logical host for an extension application.
Do you know another solution in this case? A separate hosting server feels like extra work (and maintenance).
1. b As far as I understand there is no FSM-data comming from the FSM-shell unless the user is loged in to FSM. Therefor there should be no risk for loosing unauthorised acces? As far as I understoud the documenation, the hosted extension application MUST be unauthorised, at least for the appconfig.json.
2. The CORS exception is based on the active host. In this case, since it is loaded as extension, Coresystems.net.
I have considered hosting a proxy on CF with CAP. But I have limited knowledge in this solution and thus hesitant to try to build this solution and wasting time after a couple of days if there is a better solution for this.
User | Count |
---|---|
6 | |
5 | |
4 | |
3 | |
2 | |
2 | |
2 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.