Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Call SCP Workflow API from ABAP program

Go to solution
former_member639664
Explorer

on ‎2020 Apr 15 4:45 AM

0 Likes
2,425

Dear experts

I need to develop an application that triggers a SCP Workflow api, implementing principal propagation. The application that calls the api is an ABAP report in my on-premise system and user that start the process need to be propagated to cloud.

SCP Application Identity Provider trusts in a custom SAP IAS, so i can't call workflow api using basic authentication, only using SAML 2.0 mode.

My backend system, S/4HANA, trusts in the same SAP IAS. I can authenticate in SAP IAS and launch Fiori Launchpad (on-premise) and launch SCP application using the same username, due SSO.

How can i call the workflow api using SAML authentication mode in an ABAP report and Is it possible to implement principal propagation?
Note: report will run in background.

I know that i can do this using OAuth, but using this authentication mode, i can't implement principal propagation.

Cloud Connector does not work in this case because is on-premise pushing data to cloud.

Best regards,

Guilherme

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
gregorw
SAP Mentor
SAP Mentor
‎2020 Apr 15 6:53 AM

Hi Guilherme,

very interesting scenario. Please let us know if you're in the Neo or Cloud Foundry environment.

Would it be an option to send the user a notification in the Cloud Launchpad and the Workflow API is then triggered by the user starting the process?

Best regards
Gregor

former_member639664
Explorer
‎2020 Apr 15 3:27 PM
0 Likes

Hi Gregor,

Neo environment.

No, it's not an option to send the user a notification in the Cloud Launchpad, but we would like to monitor who is starting the process.

Using OAuth authentication, user oauth_client_MY_ID is the workflow initiator and is the user displayed in the My Inbox application for end users.

ManjunathGudisi
Product and Topic Expert
Product and Topic Expert
‎2020 May 15 3:08 PM
0 Likes

Hi Guilherme - Did you find an answer for this. Thanks, Manju

former_member639664
Explorer
‎2020 May 16 4:57 AM
0 Likes

Unfortunately not.

Accepted Solutions (1)

Accepted Solutions (1)

gregorw
SAP Mentor
SAP Mentor
‎2022 Jan 21 8:03 PM
0 Likes

Have you tried to use the Access SAP Business Technology Platform - Neo Environment using the OAuth 2.0 Client API description?

Show replies
Show replies
quyen_sap_viet
Explorer
‎2022 May 04 3:37 AM
0 Likes

Do we have any documents for Cloud Foundry ?

Answers (1)

Answers (1)

tobias_breyer
Product and Topic Expert
Product and Topic Expert
‎2020 May 18 6:43 AM
0 Likes

Hi Guilherme,

have you tried using the ABAP OAuth2 Client (CL_OAUTH2_CLIENT) with a SAP Cloud Platform client profile?

It seems to me it supports SAML 2.0 Bearer Assertion which is kind of the connection between the two approaches of authentication.

Regards,

Tobias

Show replies
Show replies
Ask a Question