Overview-
Enable publishing notifications within SAP S/4HANA to allow users to conveniently access and manage them directly from the shell header of Buildworkzone site interface. In my case i am doing this configuration for Build workzone advanced edition.
Prerequisites-
1) SAP Task center is a prerequisite for notification enablement . Please refer my blog mentioned below .
https://community.sap.com/t5/technology-blog-posts-by-members/sap-task-center-integration-with-s-4ha...
2) Your SAP S/4HANA system is running version SAP S/4HANA OP-1909 (SAP_GWFND-754 SP06) or above.
3)A user with an assigned Subaccount Administrator role must assign the Business_Notifications_Admin role to the respective User or User Group role collections. Since this role is not included in any predefined Role Collection, the Subaccount Administrator must do one of the following
i)Define a new Role Collection and add the Roles to it
ii)Add the Roles in already existing Role Collection
Implementation -
1) Go to Buildworkzone Site settings and Enable the toggle for "Show Notifications"
2) Go to Site Manager settings > Notifications tab and generate the credentials which are required for configuration
Host
OAuth 2.0 Client ID
Client Secret
Authorization Endpoint
Token Endpoint
3) Add the below additional properties in Runtime destination of Buildworkzone
sap-sysid - system ID of SAP S/4HANA system
sap-client - client of SAP S/4HANA system
NOTIF_SERVICEPATH - /sap/opu/odata4/iwngw/notification/default/iwngw/notification_srv/0001
4) Download the Trusted certificate of the notification service using the below link and import in STRUST SSL client standard certificate list
https://notifications.cfapps.us20.hana.ondemand.com/
5) Download OAUTH 2 token endpoint certificate and import in SSL client anonymous
You can find the OAUTH token endpoint from step 2. Copy the url and paste in browser and click "cancel" on the popup
Click on export
Add it in the certificate list of SSL client anonymous
Step 6) Restart the ICM
Step 7 ) Create a OAUTH client profile of Service provider type "Default"
Go to SE80 and create a package and right on the package to create a OAUTH 2.0 Client profile
And select the checkbox "No authorization check" for the profile.
Step 8 ) Enter TCODE - OA2C_CONFIG and create a new OAUTH 2.0 client
Enter the client profile created in step 7, Enter the client ID from step 2 and click on "OK"
Now enter the client secret, authorization endpoint, token endpoint from step 2
Select the client Authentication as "Basic"
Here in my case servers are hosted by ECS ( Rise with sap) so we need to enter the proxy host and port as below. Leave them blank if it is not in the case of yours.
Step 9 ) Create a RFC destination of type "G"
Get the host details from step 2
on "Logon & security" tab Click on OATH settings and select the profile created
Set the SSL status to active
Select the HTTP version as 1.1
Step 10 - SPRO configurations
i)Register destination and OAuth profile for SAP cloud notification service
SAP NetWeaver > Notification Channel >Notification Channel Hub > Configuration >Connection Settings > Register Destination and OAuth Profile for SAP Cloud Notification Service.
Enter the RFC destination which craeted in step 9, enter the OAuth 2.0 client profile, Oauth 2.0 configuration and click on execute
ii) Activate and maintain push channels
SAP Netweaver > Notification Channel > Notification Channel Hub > Administration > Push Channel Settings > Activate and Maintain Push Channels
Choose New Entries to create a new record and enter SAP_CLOUD as Push channel ID.
Specify the sequence number, for example 50, as the sequence in which the push channel
iii) Register bgRFC destination for Cloud service
NetWeaver > Notification Channel > Notification Channel Hub > Configuration > Connection Settings > Register bgRFC Destination for Cloud Service
On the bgRFC Configuration screen, go to the Define Inbound Dest. tab and choose Create.
In the Inb. Dest. Name field, enter IWNGW_NOTIF_CLOUD_BGRFC.
Create one queue prefix in the Add Queue Prefix field and choose Add.
Choose Save to save the queue prefixes.
On the bgRFC Destination screen, choose Save to save your Customizing settings.
iv) Enable sensitive data cache on the Hub
Run transaction /IWNGW/H_CACHE_SDATA
Select the check box Click one execute
v) Set application-specific SSF parameters.
Run transaction SSFA and create a new entry. In the Create dialog, choose "Notification channel secure" and save your settings.
vi) Maintain encryption settings.
Run transaction STRUST and change to edit mode. In the tree on the left select the entry "SSF Notification channel secure" and choose Create.
In the following dialog where you select the encryption algorithm keep the default settings, confirm and save your settings.
You will see new sub-nodes created on the left-hand side under the node. Verify that the nodes have a green indicator next to them.
Step 11) Testing the configuration
Run Tcode - se38 - Execute program OA2C_GENRIC_ACCESS
Enter the Client profile and select " Access Token Request" and execute then you can see success message
Step 12) Checking notifications in Buildworkzone by clicking on the Bell icon
| User | Count |
|---|---|
| 9 | |
| 9 | |
| 9 | |
| 8 | |
| 8 | |
| 7 | |
| 6 | |
| 6 | |
| 5 | |
| 5 |
