Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
cancel
Showing results for 
Search instead for 
Did you mean: 
13,472
when we are doing integration between Cloud - Cloud and Cloud to On-Premise, then we have multiple types of Authentication to access the API's.

  • User Credentials :


User Id and Password

  • OAuth 2.0 Credentials :


Client secure url, Client ID , Client Secret and Scope

  • OAuth 2.0 Authorization Code :


Atheization URL, Token URL , Client ID, Client Secret and User Name and password

  • Client Certificate :


client certificate

In this blog post I am going to explain the end-to-end VAT return outbound interface integration between SAP to HMRC UK government portal using the OAuth 2.0 with the Client Credentials Grant to generate Access Token.

Integration Flow Chart




Step-1 : OAuth 2.0 Access Token Configuration


The Following diagram illustrates the process to get access token



 




  • Logon to your SAP Cloud Platform Integration web application

  • Navigate to the Monitor option then we can see overview.

  • Then go to Manage Security > Security Material



Here choose Create > OAuth2 Authorization Code.


 

Then need to maintain the Authorization URL, Token Service URL, Client ID, Client Secret, User Name and scope of the your interface (for the VAT return interface scope is  write:vat)


Click on the Deploy > Authorize > then it will redirect to the Callback URL, enter the Credentials once enter the credentials it will show as below then click on Grant Authority



Now successfully deployed the OAuth2.0 Access token configuration this will access later in the VAT return interface IFlow.

Step-2 End-to-End VAT return Interface IFlow



  • Navigate to Design > Package > Artifacts Tab

  • Choose Add Integration Flow




Step-3


From the sender Drag the connecting arrow to connect to start action, from the Adapter Type box select the SOAP/HTTPS.

SOAP: WSDL based integration then we can go for the SOAP adapter.

HTTPS: JSON based integrations then we can go for the HTTPS Adapter, and also it will work for the xml.

 




  • In Connection tab, enter the Address or URL details

  • Enter HRMC/VAT/returns Optionally, you can enter any value of your choice, but ensure that you use “/”symbol before specifying the endpoint name




Step-4 Groovy Script


The groovy script contains the functionality to fetch an access token from the OAuth2.0 Authorization Code credential which we have configured in the Step-1(Security Material).



import com.sap.gateway.ip.core.customdev.util.Message;
import com.sap.it.api.securestore.SecureStoreService;
import com.sap.it.api.securestore.AccessTokenAndUser;
import com.sap.it.api.securestore.exception.SecureStoreException;
import com.sap.it.api.ITApiFactory;
def Message processData(Message message) {

SecureStoreService secureStoreService = ITApiFactory.getService(SecureStoreService.class, null);

AccessTokenAndUser accessTokenAndUser = secureStoreService.getAccesTokenForOauth2AuthorizationCodeCredential("OAuth2.0");
String token = accessTokenAndUser.getAccessToken();

message.setHeader("Authorization", "Bearer "+token);



return message;
}


  • By calling the method


getAccesTokenForOauth2AuthorizationCodeCredential("OAuth2.0"),

  • you fetch the access token of the OAuth2 Authorization Code credential with name “OAuth2.0”.

  • once we get token from this method then we need to pass same Access token in the header level using the below groovy syntax.


message.setHeader("Authorization", "Bearer "+token);

Step-5 Content Modifier


By using content modifier, we are passing the Accept and Content-type parameters in the http header request as below.



Step-6 Request-Reply


Connect the Request Reply to Receiver by dragging the arrow icon on Request Reply to the Receiver


Select the Connection tab. In the Address field, enter the Target endpoint/Url(https://hostname/org/vrn/return)



Step-7



  • Click Save to persist the changes to integration Flow.

  • Click Deploy to deploy the integration Flow.





  • Navigate to the Monitor View.

  • Under the Mange Integration Content Section > Choose Start to access all the Started Artifacts that we have deployed.





  • Select the integration flow > Endpoint tab then you can notice REST API URL for the integration flow.

  • This URL can be used to invoke the integration flow as a REST API from any REST client like postman.




Step-8 Testing The Integration Flow Using  POSTMAN




Step-9 Trace and Monitoring in SAP CPI


Navigate to the Monitor > Manage Integration Content > Select the Iflow > Monitor Message Processing





  • Now we can see the messages status as completed

  • If you want to trace Iflow logs step-to-step then click on the trace option

  • Then we can see step-to-step process logs with content.





Conclusion


Finally with this blog post you can implement the end-to-end OAuth 2.0 Token based integration with SAP Cloud Platform Integration(CPI).

 
7 Comments
Labels in this area