cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

CPI: Accessing MessageProcessingLogs OData API via OAuth

babruvahana
Contributor

on ‎2020 Jun 15 4:45 PM

4,609

Hi Experts,

I am working on a POC for generating a CPI monitoring report and I need to access MessageProcessingLogs OData API via OAuth.

I have followed the blog for OAuth set up: https://blogs.sap.com/2019/02/14/cloud-integration-inbound-http-connections-using-oauth-client-crede... and it works fine when tested using POSTMAN tool.

I have stored the OAuth credentials in Security Materials and have done OData adapter configuration. When iFlow is deployed. It is failing with "com.sap.gateway.core.ip.component.odata.exception.OsciException: : 401 : HTTP/1.1" error.

I have tried unchecking CSRF protected option and checked my Client Secret multiple times and it has ESBMessaging.send role assigned too.

Any pointers would be a great help.

Regards,

Pavan G

OData Adapter Config:

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (4)

Answers (4)

former_member1924
Advisor
Advisor
‎2020 Jun 15 5:18 PM

Hi Pavan,

Could you please try below setting while maintaining OAuth credentials.

hope this helps !

thanks and regards,

Praveen T

Show replies
Show replies
babruvahana
Contributor
‎2020 Jun 15 5:53 PM
0 Kudos

Hi tirumareddy.praveen

Posted on

Thanks for the response.

I tried this option. But no luck.

It is failing with the below error :

com.sap.gateway.core.ip.component.odata.exception.OsciException: Error in retrieving Authorization header. Status code:400; Reason:{"error":"invalid_scope","error_description":"Scopes exceed the scope registered for the client."}

Regards,

Pavan G

former_member637863
Participant
‎2020 Jun 18 5:50 AM

Hi

I used HTTP adapter and check message processing for last 30 minutes

Adress :https://xxx.hci.ap1.hana.ondemand.com/api/v1/MessageProcessingLogs

Query :${header.QUERY}

I formed query in below groovy script.

It is giving expected output.

import com.sap.gateway.ip.core.customdev.util.Message;

import java.util.HashMap;

import static java.util.Calendar.*;

def Message processData(Message message) {

def localTimeZone = TimeZone.getTimeZone('Australia/Melbourne');

def cal = Calendar.instance; def date = cal.time; def var1 ="";

//Header

def dateFormat = 'yyyy-MM-dd\'T\'HH:mm:ss';

use (groovy.time.TimeCategory)

{

var1 = date-30.minutes;

}

def strdate = var1.format(dateFormat)

def enddate = date.format(dateFormat)

def query = "\$" + "inlinecount=allpages&" + "\$" + "filter=Status%20eq%20'FAILED'and%20LogStart%20gt%20datetime'" + strdate + "'%20and%20LogEnd%20lt%20datetime'" + enddate + "'%20and%20IntegrationFlowName%20eq%20'Iflow name'"

message.setHeader("QUERY", query);

def messageLog = messageLogFactory.getMessageLog(message); messageLog.addAttachmentAsString("FileName:", query, "text/plain");

return message;

}

Then I use process call and and pass message ID to get detailed error information.

Thanks

Harsha

Show replies
Show replies
joost_stallaert3
Discoverer
‎2020 Oct 15 7:14 PM
0 Kudos

Apparently the CPI Internal API only supports "basic auth"...

See 2768194 - Authorization to CPI internal Odata API.

That's a bummer

Show replies
Show replies
jravnik
Participant
‎2020 Oct 21 7:03 PM
0 Kudos

Hi Joost,

the OData API of the CPI does work with OAuth2 Bearer Token. You can try it with Postman, for example.

I just haven't got it to work with the OAuth2 Client Credentials as in the original post. I therefore took the work around and just used a HTTPS Receiver Adapter to retrieve the Bearer Token manually (Authentication set to 'Basic') and then set it as the Authorization header via a Groovy script. After that I used the OData Receiver Adapter with Authentication set to 'None'.

It seems like the grant_type=client_credentials query parameters are getting messed up or lost in the OData Receiver Adapter when the Authentication is set to 'OAuth2 Client Credentials', as I always got this response: {"error":"unsupported_grant_type","error_description":"Unexpected request grant type."}

Best regards
Jürgen

Ayushi_Dhar1
Discoverer
‎2024 Nov 04 11:26 PM
0 Kudos
Hi Jürgen, for me it is throwing error getting the token is success but hitting the log API results in 401 error
Ayushi_Dhar1
Discoverer
‎2024 Nov 04 11:28 PM
0 Kudos
i added bearer token on groovy script and set no auth odata. I have removed CSRF Protected from odata
former_member1924
Advisor
Advisor
‎2020 Jun 15 6:41 PM
0 Kudos

Hi Pavan,

Please check the postman console to check what are the headers getting set while making request.

You could alter accordingly.

hope that helps !

thanks and regards,

Praveen T

Show replies
Show replies
Ask a Question