There are already some blogs out there outlining ways to test your APIs developed on SAP BTP ABAP Environment e.g. using cookies from ABAP Development Tools (see
here) or other SAP BTP APIs using the OAuth 2.0 password grant (see
here).
With this blog I want to add another option that Postman offers and that is possible to be used with SAP BTP ABAP Environment: The OAuth 2.0 Authorization Code Grant
What you need:
- Postman
- Service key of your SAP BTP ABAP Environment service instance
- An API you want to test and have access to with your Business User
What you get:
- Quick way to test your ABAP APIs without including them in communication scenarios of IAM Apps / business catalogs (provided you do this in your development system)
- Access to the API with your own user without the need for a technical user
- Support for most authentication flows that your Identity Provider might require (e.g. 2-Factor)
Get the Service Key
In the SAP BTP Cockpit navigate to your BTP ABAP Environment service instance and create a service key for it, which contains the required OAuth 2.0 credentials for the Authorization Code grant.
SAP BTP ABAP Environment Service Key
Prepare Postman
1. In Postman start off with an empty request and navigate to the
Authorization pane
Postman Authorization pane
2. Choose
OAuth 2.0 as Authorization
Type, select
Add authorization data to Request Headers and scroll down to
Configure a New Token
Configure New Token
3. Provide a
Token Name, select
Authorization Code as
Grant Type and enter
http://localhost:8080 as Callback URL (port doesn't really matter, but needs to be filled)
Initial Configuration
4. Now fetch the
url, clientid and
clientsecret values from the
uaa section of your SAP BTP ABAP Environment service key
UAA Service Key Section
5. Use the URL from the service key and append
/oauth/authorize for the
Auth URL and
/oauth/token for the
Access Token URL
Auth URL
Access Token URL
6. Finally use the
clientid and
clientsecret values for the
Client ID and
Client Secret fields respectively
Client ID / Secret
7. Use the
Get New Access Token button at the bottom to start the authentication flow, which depends on your concrete trust configuration
Get New Access Token
8. Once authenticated you can
Use the Token for your Postman request
Use Token
Test your API
Use the URL of the SAP BTP ABAP Environment instance from your service key (not the one from the uaa section) to call any API your user has authorizations for
Execute ABAP API