cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

OAuth authentication failed since update to 7.5 SP16

Go to solution
former_member296836
Participant

on ‎2020 Jul 02 1:40 PM

0 Kudos
4,168

Hi,

we have a RFC-to-REST scenario with OAuth to fetch a token in REST receiver channel that worked without any problems. After upgrade to 7.5. SP16 we receive the following error:

[EXCEPTION]

Ausnahme aufgetreten beim Adapter-Framework: HTTP OAUTH 2.0 RESOURCE OWNER PASSWORD CREDENTIALS GRANT call to https://<URL>:443/token not successful. Error while processing Authorization request!

com.sap.aii.adapter.rest.ejb.common.exception.HttpCallException: HTTP OAUTH 2.0 RESOURCE OWNER PASSWORD CREDENTIALS GRANT call to https://<URL>:443/token not successful. Error while obtaining authorization code - response code: 400
response:
{"error":"invalid_clientId","error_description":"Client 'xyz' is not registered in the system."}

Testing with Postman, the user is still available and I could fetch a token there (what I could before upgrade in PO as well).

Are there any changes in the OAuth process with the last updates?

Regards

Chris


Show replies
Show replies
Answer
View Entire Topic
Bhargavakrishna
Active Contributor
‎2020 Jul 03 3:35 PM

Hi Christian,

You can use https://requestbin.com/ to check the request that you are sending to the endpoint.

Login to this with your GitHub/Gmail account, copy the endpoint as shown in the below screenshot, and configure it in the REST communication channel where you have maintained the Authorization server URL to fetch the access token.

Regards

Bhargava Krishna

Show replies
Show replies
former_member296836
Participant
‎2020 Jul 08 11:00 AM

Dear Bhargava,

thanks for the hint. This helped me to compare the calls from Postman (successful) and PO (failed).

Next to some header parameters that were missing and that I added in the OAuth authorization configuration, I also see that SAP PO is sending an additional HTTP header parameter called "authorization". Unfortunately I can not compare if this was also send in the old SP version, but I had to suppress this header parameter to get a successfully response.

You can suppress this by adding the module parameter Oauth20AutorizationServerRequestType = none.


Thanks all for your support.


Regards

Chris

former_member499364
Participant
‎2022 Jun 07 9:23 PM
0 Kudos

Can you share how the module tab was setup

Ask a Question