I recently came across an issue with cookies working with API calls in SAP Build Automation, thought this small trick may help someone facing similar issues.
So, I have an Automation artifact, which is making API calls to SAP system with respective authentication (id & password). Each of these API calls are being made using "Call Web Service" activity and Basic authentication.
Some may argue, whty not have a single ID for all the API calls. Well, it is technically possible. Since we have these APIs for different functional areas, hence we were required to use them using respective User IDs.
Ok, The problem was, once the first SAP API call was made - subsequent API calls were still using the credentials of the first API call, even though each of these API calls were configured to use a separate set of credentials. And hence we ended up getting 403 Forbidden error. Upon debugging, we found that the previously generated Cookie is still lingering somewhere in Agent cache, which is causing the subsequent API calls to fail.
So, if you are making API calls from your Automation object - you are probably doing something as shown below
let url = variables.apiPath +?sap-client=" + variables.sapClient + "&$format=json";
let apiParams = {
method: 'GET',
url: url,
usePassport: false,
headers: {
Authorization: variables.credentials,
'Content-Type': 'application/json'
}
};
return apiParams;
If you want to reset the cookie that was generated, then you will need to pass a parameter named "resetCookie" to the param object. Such a sweet name !
So, the finally param options object would look like this
let url = variables.apiPath +?sap-client=" + variables.sapClient + "&$format=json";
let apiParams = {
method: 'GET',
url: url,
usePassport: false,
resetCookie: true, // This will reset the previously generated cookie
headers: {
Authorization: variables.credentials,
'Content-Type': 'application/json'
}
};
return apiParams;
And voila, the API call are now going thru successfully.
P.S: I am yet to test if we have the same cookie issue if we call the APIs using the other option "Call Web Service with Destination", may be something worth checking.
I hope this helps someone facing similar issues.
Cheers