Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
cancel
Showing results for 
Search instead for 
Did you mean: 
Hira
Participant
1,023

Pre requisites for this blog

  • Activate - Manage API capability (if not activated yet)
  • Setup API Business Hub Enterprise and add your user as Developer

Introduction

In this blog, I am going to use a public calculator SOAP service as an example and create a SOAP API as CPI artifact then call the same SOAP API from SAP API Management. So, let's begin.  

Step # 1: Create a SOAP API

  • Create a new package or edit an existing one (I am creating a new package with name "Calculator")
  • Add a new artifact, choose API as artifact type.

Hira_0-1728798312258.png

  • A popup window will appear, asking for the runtime profile information choose Cloud Integration and click Next
  • On the next screen, select "SOAP API" as API type and click Next
  • Choose New and click Next
  • Give API an name (in my case, i name it as "Calculator API" ) and click Create

A new SOAP API will be created inside the package, open the API in edit mode and delete Content Modifier from Handle Request - Local Integration Process. 

Hira_1-1728799187520.png

 

Step # 2: Edit the Calculator API 

Note: I am going to use dneonline (open the link and save the WSDL in your local drive for later use)web service in this example.

  • edit the "SOAP" as sender adapter setting
    • give an address to the SOAP API 
    • select WSDL in "Service Definition" and browse the WSDL you have save earlier. Once you select the WSDL choose operation you want to perform.

Hira_2-1728799418039.png

  • Add "Request-Reply" step in Internal integration process and connect it with receiver and choose "SOAP" as receiver adapter type.

Hira_3-1728799875853.png

  • Open SOAP setting (as receiver adapter) and edit as below

Hira_5-1728800020371.png

  • Save and Deploy the SOAP API

 Step # 3: Test SOAP API

Once API is deployed, download the WSDL definition from Monitor > Integrations & APIs. Go to SoapUI and browse the newly saved WSDL definition. Choose Add operation and test the service. (Note: for authentication use integration-flow type service key credentials

Hira_6-1728800619182.png

Step # 4: Create a Provider as Type "Cloud Integrations"

Note: Copy the "API" type service key information (open BTP Cockpit and go to subscription page there locate "Instances" table, download/copy the key information.

Hira_7-1728801711810.png

First, we need to create an API Provider for that: 

  • go-to "Configure >> APIs" 
  • then go-to "API Providers" tab
  • and click "Create" 
  • Type name as "CPI Provider" and move to next tab "Connection"
  • Select "Cloud Integrations"
  • Open the downloaded key file and copy the URL 
  • Paste it in "Cloud Integration Management Host" field
  • select Authentication type as "OAuth2ClientCredentials"
  • Copy ClientID and Client-Secret and paste respectively.
  • Save and Test the connection

Hira_8-1728802082421.png

Step # 5: Create a API Proxy using CPI Provider

  • Go to Configure > APIs, this time select "API Proxies" tab
  • Click "Create"
  • A new popup window will appears, select API Provider in radio list
  • and choose the newly created CPI Provider from the drop-down list and click "Discover"
  • A new dialog will open, where you will find the Calculator API we created in Step 1, choose it and click "Next"
  • For authentication choose "Basic" and input the credentials which you have use to test the SOAP API in step 3 and click "Done"
  • Once you back to the API Create window you will see few fields are already filled in, you can change the text if wish to but keep the URL value as it is, i am keeping them as it is. 

Hira_0-1728803091902.png

  • Click "Create" to create the Proxy
  • On the next screen, click "Save" and then "Deploy".

Hira_1-1728803246434.png

  • Copy the API Proxy URL 

Step # 6: Test the API Proxy

  • Open SoapUI and edit the endpoint on the request we testing in Step 3
  • set the authentication to "No Authentication" and click "Submit" 

Hira_2-1728803502410.png

Step # 7: Apply Policy to Secure the API

  • Edit the API Proxy created step 5
  • and go to Policies 
  • On the next screen select "Edit"
  • On the left hand side Policy Edit expand the "Proxy Endpoint" and select "PreFlow"
  • Then choose Verify API Key policy (click plus sign) from right hand side of the side menu 

Hira_3-1728803945132.png

  • Give a name to the policy and click "Add"

Hira_4-1728804004176.png

  • update the variable reference name to  "request.header.apikey"

Hira_10-1728806410317.png

  • click "Update" button 
  • and then Save and Deploy again

Step # 8: Create a Product and Subscribe it

  • To create a product go to Engage 

Hira_5-1728804286791.png

  • Keep on Products Tab and click "Create"
  • Type name and title and move to "APIs" tab
  • Click "Add" and select the Calculator API Proxy from the list and Click OK
  • Publish the Product
  • Now go to API Business Hub Enterprise 

Hira_6-1728804755073.png

  • You will see the product you created earlier there
  • select the product and go to next page
  • To subscribe choose New application from the drop-down list
  • Give a name and click Create 

Hira_7-1728805360424.png

  • Now, copy the key for testing 

Step #9: Test API with API Key

  • Go to SoapUI again
  • add a header as "apikey" and paste the copied key in value field 
  • now submit the request you will receive the response 

Hira_9-1728805720649.png

Conclusion

In this way, you can secure your CPI artifacts from direct access. SAP API Management offers lot of different policies which help developer built a security layer around the backend services. I just added the authentication mechanism, but it offers much more such as Traffic Management Policies, Security Management Policies, Mediation Policies. 

Labels in this area