- SAP Managed Tags
Introduction
The Data Export Service is an open API that enables data retrieval from SAP Analytics Cloud for integration with tools like SAP Datasphere, SAP BW, SAP HANA. It has no user interface and works by retrieving data from providers (planning models). See more
Bruno is a lightweight, open-source API client built for developers who want a fast, privacy focused, and Git-friendly way to work with APIs. Unlike traditional API tools, Bruno saves all your requests and configurations as plain files. This makes it easy to track changes, collaborate through version control, and work offline. It’s designed to be simple, efficient, and seamlessly integrate into your development workflow.
In Bruno, requests can be sent via 2 legged (for non-browser based application access to the REST API technical user) or 3 legged (for non-browser based application access to the REST API business user) authentication through Public API Service. In order to get the most out of Bruno, an environment should be created for each tenant.
Download Bruno
Overview
- Prerequisites
- Steps to Set up an OAUTH Client
- How to get Started in Bruno
- Creating Environments with Respective Variables
- How to Send External API Requests
- Sending 2 Legged Requests
- Sending 3 Legged Requests
- Troubleshooting
1. Prerequisites
1.1. Have an OAUTH Client set up for 2 legged Authentication.
1.2. Have an OAUTH Client set up for 3 legged Authentication.
2. Steps to Set up an OAUTH Client
2.1. Log onto the tenant.
2.2. Select Administration Menu.
SAC Homepage
2.3. Select App Integration.
Here you can find the Authorization URL and Token URL for the tenant. Click add a new OAuth Client.
App Integration
2.4. Fill out OAUTH Client details:
For the 2 legged OAUTH Client, ensure:
- Purpose is set to API Access.
2 Legged OAUTH Client Configuration
For the 3 Legged OAUTH Client, ensure:
- Purpose is set to Interactive Usage.
- Set the redirect URL to - https://oauth.pstmn.io/v1/callback
3 Legged OAUTH Client Configuration
Note that secrets can only be copied during client creation. If you don't have a copy of the secret, delete the OAuth client, and then add it again to generate a new secret. Ensure that you have a copy of the client secret when creating this new OAUTH Client.
2.5. Obtain the Client ID and Client Secret. Do not share the Client Secret.
2.6. You now should have:
- OAuth Client ID
- OAuth Client Secret
- Authorization URL
- Token URL
For a more detailed step-by-step overview, see associated post:
Getting Authenticated with Data Export and Data Import APIs
3. How to get Started in Bruno
A collection in Bruno is a structured folder that contains your API requests, environment variables, and other configuration files. Each request is saved as a plain text file, allowing you to organise and manage your API workflows in a version controlled format.
You want to first open the collection in Bruno rather than importing the .json file. By opening the collection folder instead of importing the .json file, we have source control over the collection and don't have to export and import the .json file every time a change is made.
3.1. Select the three dots on the left.
3.2. Select "Open Collection".
3.3. Select the folder for the collection you want to open.
This is what you should see:
Opening Collection in Bruno
4. Creating Environments with Respective Variables
Now, create a template in the environments dropdown for External API Requests.
External API requests made to your SAP Analytics Cloud tenant will have the following variables:
External API Request Template
This environment should contain values for each variable respective to your specific tenant.
5. How to Send External API Requests
Sending External API Requests - GET 2 and 3 Legged Authentication Request
Before sending External API Requests, you have to generate an access token. This is done with a seperate. GET Request. One for 2 legged requests - "GET 2 Legged Authentication" and one for 3 legged requests - "GET 3 Legged Authentication". These GET requests generate the access token and automatically place it in the BearerToken environment variable:
External API Request Sample Template
Note that ClientID_2 and ClientSecret_2 is for 2 legged requests, and ClientID_3 and ClientSecret_3 is for 3 legged requests.
This is what the "GET 2 Legged Authentication" Request looks like (under the Auth tab):
GET 2 Legged Authentication Request Configuration
This is what the "GET 3 Legged Authentication" Request looks like (under the Auth tab):
GET 3 Legged Authentication Request Configuration
To send External API Requests, there are variables present in the "External API Requests" environment that you fill in with your respective tenant information/credentials(ClientID, ClientSecret, AuthURL, CallBackURL etc). If you want to have multiple External API environments configured for different tenants, you can easily follow the same template for other tenants (with each tenant's respective credentials). These credentials are already pre-set in the different environments and that by changing the environment, the credentials for that specific environment/tenant will be populated automatically.
Ensure that you save the information once filled in. Note the AuthURL environment variable is used for the authorization URL and the access token URL, as seen in the GET 2 and 3 Legged Authentication screenshots above.
Authorization URL: {{AuthURL}}/oauth/authorize
Access Token URL: {{AuthURL}}/oauth/token
The Auth tab for each 2 or 3 legged request will be set to Inherit (from Bearer Token):
Auth tab configuration for 2 & 3 Legged Requests
6. Sending 2 Legged Requests
If you want to send 2 legged requests, locate the "2 Legged Authentication" GET Request. Generate an access token via the 2 Legged Authentication GET Request. Ensure grant type is "Client Credentials". This access token is automatically placed in the BearerToken environment variable in the "External API Requests" environment. Start sending requests.
7. Sending 3 Legged Requests
If you want to send 3 legged requests, locate the "3 Legged Authentication" GET Request. Generate an access token via the 3 Legged Authentication GET Request. Ensure grant type is "Authorization Code". This access token is automatically placed in the BearerToken environment variable in the "External API Requests" environment. Start sending requests.
Important: When switching between environments/tenants as per folder, ensure that you get a new access token. This new access token will overwrite the old value in the BearerToken environment variable.
8. Troubleshooting
If you find that the login dialog to put in your credentials for that tenant, is not displaying when requesting a 3 legged access token, ensure that you clear the cache and delete cookies when generating a new access token:
Clearing cache and cookies
Conclusion
Bruno is a fast, Git-friendly API client that simplifies testing and managing API requests across multiple tenants. With support for 2 legged and 3 legged authentication, environment templates, and version-controlled collections, it fits seamlessly into any developer's workflow. It's an efficient tool built for modern API development.
Useful Links
Download Bruno: https://www.usebruno.com/downloads
More on Data Export Service:
https://help.sap.com/docs/SAP_ANALYTICS_CLOUD/14cac91febef464dbb1efce20e3f1613/db62fd76514b48f8b71d6...
Step-by-step overview on setting up OAUTH Clients for authentication:
https://community.sap.com/t5/technology-blog-posts-by-sap/getting-authenticated-with-data-export-and...
| User | Count |
|---|---|
| 58 | |
| 20 | |
| 11 | |
| 11 | |
| 7 | |
| 7 | |
| 6 | |
| 6 | |
| 6 | |
| 4 |
