Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
ganeshn
Product and Topic Expert
Product and Topic Expert
1,943
This blog post is intended to showcase how easily the Principal Propagation setup between SAP BTP and SAP S/4HANA can be tested from SAP Build Process Automation in three simple steps.

Context:

Consume SAP S/4HANA API using Actions project from SAP Build Process Automation using SAP Cloud Connector via Principal Propagation

Below are the three simple steps to accomplish this scenario:

  1. Setup Principal Propagation between SAP BTP and SAP S/4HANA via Cloud Connector

  2. Create Actions project in SAP Build Process Automation

  3. Consume Actions project in Process


Let's Go...

Step 1: Setup Principal Propagation between SAP BTP and SAP S/4HANA via Cloud Connector


There are many good blog posts that help to accomplish this step however one such blog from claus.burgaard is a good starting point and I have only highlighted minor changes from this blog that I had to do for the setup to work

  • For the user certificate in Cloud Connector, make sure the subject pattern is as highlighted below





  • Reverse proxy parameters


Depending upon whether you use multiple trusted reverse proxies (in which case you use parameter icm/trusted_reverse_proxy_<x>) or single trusted reverse proxy (in this case you use parameters icm/HTTPS/trust_client_with_subject, and icm/HTTPS/trust_client_with_issuer). See the corresponding documentation here

NOTE: Take help from your SAP BASIS or Security experts if needed to configure these values. To keep it simple for testing purposes, I entered the below values

icm/HTTPS/trust_client_with_issuer = *

icm/HTTPS/trust_client_with_subject = *

System configuration in Cloud Connector should look like below


The destination configuration in SAP BTP should look like below



Step 2: Create Actions project in SAP Build Process Automation


Again, there are several good blogs that give step-by-step details, you can refer to this blog from archana.shukla or this blog from thomas.jentsch

In my case, I created an Actions project to consume Business Partner OData (API_BUSINESS_PARTNER) from SAP S/4HANA

Step 3: Consume Actions project in Process


As the last step, I created a process in SAP Build Process Automation with Form trigger. In the Form, I added a dropdown control to display Business Partners using the Actions (GET method)



Now, launch the form and you should see Business Partner numbers in the drop-down which is fetched from SAP S/4HANA


A cool new feature "Run a Step on Behalf of (Principal Propagation)" was introduced in May 2023 release, see this blog for further details. To test this feature as well as the Actions' POST method, I created a simple process for Business Partner creation.




  • End-user will submit the form for Business Partner creation

  • A user task will be created for Business Partner approval

  • Once the task is approved, the Action (to create Business Partner in SAP S/4HANA using the POST method) will be triggered on behalf of the user who approved the request


Validation that Principal Propagation worked:


In Cloud Connector logs, you should see the X.509 certificate generated as shown below


In SAP S/4HANA ICM logs you should see below


I would like to thank robink17 for motivating me to write this blog and kiran.kola for helping me troubleshoot and fix issues.
1 Comment