Xsuaa and approuter in hybrid testing: POST reques...

migsafa · ‎2025 Feb 20

Hello!

I am hybrid testing a project where I am using xsuaa and approuter. However, I get this error in approuter log: POST request to /odata/v4/account/callExternalAPI completed with status 401 Authentication required

Here the configurations:

Service definition
service AccountService {
    
    entity TestEntity {
        key ID : UUID;
        Name   : String;
    }

    action callExternalAPI() returns String;
}<div><div><span>CDS configuration for hybrid testing in package.json project file:<li-code lang="json">{
...
  "cds": {
    "requires": {
      "auth": "xsuaa",
      "destinations": true,
      "[hybrid]": {
        "auth": "xsuaa"
      }
    }
  }
}<div><div><span>xs-secutiry.json project file:<li-code lang="json">{
  "xsappname": "testvscode1",
  "tenant-mode": "dedicated",
  "scopes": [],
  "attributes": [],
  "role-templates": [],
  "authorities-inheritance": true,
  "oauth2-configuration": {
    "redirect-uris": [
      "http://localhost:5001/"
    ]
  }
}<p> <span>default-env.json approuter file:<li-code lang="json">{
    "PORT": 5001,
    "destinations": [
      {
        "name": "srv-api",
        "url": "http://localhost:4004",
        "forwardAuthToken": true
      }
    ]
  }

xs-app.json approuter file:

{
    "authenticationMethod": "none",
    "routes": [
      {
        "source": "^/app/(.*)$",
        "target": "$1",
        "localDir": ".",
        "cacheControl": "no-cache, no-store, must-revalidate"
      },
      {
        "source": "^/appconfig/",
        "localDir": ".",
        "cacheControl": "no-cache, no-store, must-revalidate"
      },
      {
        "source": "^/odata/v4/account/(.*)$",
        "target": "/odata/v4/account/$1",
        "destination": "srv-api",
        "csrfProtection": false
      },
      {
        "source": "^/(.*)$",
        "target": "$1",
        "destination": "srv-api",
        "csrfProtection": false
      }
    ]
  }

To run the test I am using the following commands:

- cds bind --exec -- npm start --prefix app/router --> to execute approuter

- cds watch --profile hybrid --> to execute the developed CAP service

I execute these requests in Postman:

- https : // <org> . authentication . us10 . hana . ondemand . com / oauth / token to get the bearer token

- http : // localhost : 5001 / odata / v4 / account / callExternalAPI to call the action, including the token from the previous request

However, I the error mentioned below:

#2.0#2025 02 20 09:50:13:982#-03:00#ERROR#/Handler#####1452e28d-b331-4350-98be-2eab93f6ed6f####Sc8PKx7C2gRnIK6lc1gQnwHU4MmHRGd2######m7dcayxl#PLAIN##POST request to /odata/v4/account/callExternalAPI completed with status 401 Authentication required#

What am I missing in the configuration?

Thanks for your time and help.

Regards!

Mig

By Category

Related Content

Activity Groups

Industry Groups

Influence and Feedback Groups

Interest Groups

Location Groups

Customer Only Groups

Forums

Related Resources

Products

Learning and Support

About

My Account

My Account

Xsuaa and approuter in hybrid testing: POST request completed w/status 401 Authentication required

Know the answer?

Need more details?

Accepted Solutions (0)

Answers (0)