cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

CPI Runtime on PO - 403 when calling the endpoint

Go to solution
hac
Participant

on ‎2020 Dec 10 1:36 PM

0 Kudos
481

Hi,

I have deployed an SCPI scenario on PO 7.5 SP16: SOAP -> some mappings -> REST. The deployment was succesful. However when I call it from SOAPui I get a 403 Forbidden. The user I am trying with is my PO user and has the ESBMessaging.send role assigned.

Is there a way to debug this and find what the error could be ?

Thank you in advance !

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (1)

Accepted Solutions (1)

Sriprasadsbhat
Active Contributor
‎2020 Dec 10 2:41 PM
0 Kudos

Hello Andrei,

Final check would be roles.Can you check your user has all the below mentioned roles.

https://help.sap.com/viewer/5cf7d2de571a45cc81f91261668b7361/7.5.16/en-US/b2d602296fe54aa58f4c269450...

Also have a glance at below KBA for any missing config.

https://launchpad.support.sap.com/#/notes/0002212870

Regards,

Sriprasad Shivaram Bhat

Show replies
Show replies
hac
Participant
‎2020 Dec 10 2:49 PM
0 Kudos

Hello Sriprasad,

Thanks. It seems that although I had all the admin roles and could test the PO iflows, for the CPI runtime the user needed to have specifically: SAP_XI_APPL_SERV_USER

Thank you,

Andrei

Answers (2)

Answers (2)

Sriprasadsbhat
Active Contributor
‎2020 Dec 10 2:19 PM
0 Kudos

Hello Andrei,

Please refer below blog by ricardo.viana it might help you. I guess there is issue with endpoint url you are trying to hit.

https://blogs.sap.com/2019/04/03/sap-cpi-scenario-on-pipo-on-premise-runtime/

Regards,

Sriprasad Shivaram Bhat

Show replies
Show replies
hac
Participant
‎2020 Dec 10 2:32 PM
0 Kudos

Hi,

thank you for your reply. I already read it and I build it as in there basically I take the path that is displayed in the endpoints tab:

so my url is https:[host]:[port]/igwcxf/services/ARTMAS

Am I missing something ?

fernandoluck
Associate
Associate
‎2020 Dec 10 1:40 PM
0 Kudos

Hello Andrei,

Is the endpoint CSRF protected? If so, that may be happening because you're not passing the X-CSRF-Token header.

Take a look at the following blogs, if this is the case:

https://blogs.sap.com/2019/06/11/inbound-https-with-csrf-protection-in-cpi-integration-flows/

https://blogs.sap.com/2019/08/28/best-practice-for-using-csrf-protected-flag-in-cpi-odata-adapter-ou...

Regards,

Fernando Lucktemberg

Show replies
Show replies
hac
Participant
‎2020 Dec 10 1:46 PM
0 Kudos

Hi Fernando,

Thank you for the quick reply. I'm using the SOAP adapter and it doesn't have the CSRF protection.

Thanks,

Andrei

Ask a Question