on 2021 Jul 21 2:35 AM
Hi Experts,
In our project we are looking into applying the note 2892050 - New Feature: Add Support for OAuth 2.0 JSON Web Token profile in REST Adapter, so we have requested an update of the ESR Content, as said feature is not available in the REST receiver adapter.
For our scenario, we call an API in Mulesoft, and initially we only had the typical OAuth configuration (which was working) in the receiver adapter, until recently they applied a validation on the request format for the tokens. They require the token request to be in JSON format.
I need confirmation of the following:
1. Would the feature mentioned in the note result in a token request in JSON format?
2. As someone already asked in an old post, where do the credentials for the token authorization server need to be added? The note does not mention parameters for client ID and secret.
Any input is highly appreciated.
Regards,
Joel
Hi Joel,
In the SAP note 2892050 that you refer to in your question, the specification is linked, so check out https://datatracker.ietf.org/doc/html/rfc7523#section-2.1
According to this, the token is in JSON format. It is then encoded and passed as a header parameter to the token service, so the actual request doesn't contain a body; all parameters are provided to the token service via HTTP headers.
So far, we only support JWT for Authorization Grants. Here you do not authenticate to the token service; the signature is used to validate the JWT. JWT for Client Authentication is actually on the roadmap, see https://roadmaps.sap.com/board?PRODUCT=01200314690800000134&FT=INTEGRATION&range=CURRENT-LAST#;INNO=...
Alex
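The token request that RFC 7523 section 2.1 (linked in the answer above) defines, as an added example that is not part of the original posts and is not SAP's adapter code: the JWT itself is JSON, and the RFC carries it as the `assertion` parameter of a form-encoded POST. The issuer, subject, audience and key are constructed values, and HS256 with a shared key is an assumption made to keep the sketch standard-library only.

```python
import base64, hashlib, hmac, json, time
from urllib.parse import urlencode

GRANT_TYPE = "urn:ietf:params:oauth:grant-type:jwt-bearer"  # RFC 7523 section 2.1

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def build_assertion(iss, sub, aud, key, now=None, lifetime=300):
    """JWT with the claims RFC 7523 section 3 requires: iss, sub, aud, exp."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}  # assumption: shared-key MAC
    claims = {"iss": iss, "sub": sub, "aud": aud, "exp": now + lifetime}
    signing_input = ".".join(
        b64url(json.dumps(part, separators=(",", ":")).encode()) for part in (header, claims))
    mac = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url(mac)

def build_token_request(assertion):
    """Headers and form-encoded body of the token request (RFC 7523 section 2.1)."""
    params = {"grant_type": GRANT_TYPE, "assertion": assertion}
    return {"Content-Type": "application/x-www-form-urlencoded"}, urlencode(params)

def verify_assertion(assertion, key, expected_aud, now=None):
    """Token-service side: check structure, algorithm, MAC, audience and expiry."""
    now = int(time.time()) if now is None else now
    try:
        head_b64, claims_b64, mac_b64 = assertion.split(".")
        header = json.loads(b64url_decode(head_b64))
        claims = json.loads(b64url_decode(claims_b64))
        mac = b64url_decode(mac_b64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("header and claims must be JSON objects")
    except ValueError as exc:  # wrong segment count, bad base64, bad JSON
        raise ValueError("malformed JWT") from exc
    if header.get("alg") != "HS256":  # pin the algorithm, never trust the header
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head_b64}.{claims_b64}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("bad signature")
    aud = claims.get("aud")
    if expected_aud not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        raise ValueError("expired")
    return claims
```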
Hi Joel,
If you have a Cloud Integration tenant, you may use the Cloud Integration runtime inside PO. With the integration flows of Cloud Integration you are much more flexible with respect to the modeling environment; here you can explicitly model the token call and define the request in whatever format you need. As said, the prerequisite is that you have a Cloud Integration tenant, since you use its design environment; deployment is then on PO. Check out this blog series at https://blogs.sap.com/2017/08/11/best-practices-cloud-integration-content-in-sap-process-orchestrati...
Alex