cancel
Showing results for 
Search instead for 
Did you mean: 

If the new Odata API change in SAP BYD new version will affect Odata for Report.

0 Kudos
521

Dear SAP Expert,

We receive SAP announcement about Odata API change in SAP new version 2308.

reference SAP Knowledge is "3339155 - OData APIs – Wrong usage of session cookies"

it mention below :

Integration scenarios using ODATA APIs might be impacted if not all cookies are sent to the server. The impact is especially seen when "x-csrf-token" value is sent via request header along with a specific session cookie (instead of all cookies).

We use Odata Query for Report, and Odata Query should be a "Get" Odata API.

In Odata Query, we don't use "x-csrf-token" in request.

So in my understand, this new Odata API change in new SAP BYD version won't affect the Odata Query we are using now.

Is it Correct ?

BR
Chen

Accepted Solutions (0)

Answers (1)

Answers (1)

pavithra_jc
Product and Topic Expert
Product and Topic Expert
0 Kudos

Dear Chen,

The impact is especially seen when "x-csrf-token" value is sent via request header along with a specific session cookie (instead of all cookies). In such cases, CSRF token validation fails resulting in HTTP response code: 403 - Forbidden.

For OData, if x-csrf-token is not returned with GET calls and are intended to be used between system to system integration. Therefore, the x-csrf-tokens are not required for POST, PATCH, PUT, and DELETE calls.

You can also refer to the below KBAs:2978556 - You Are Unable to Fetch Token Using GET Method - SAP for Me

3339155 - OData APIs – Wrong usage of session cookies - SAP for Me

I hope this information helps resolve your query.

Thanks and Regards,

Pavithra