Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
Showing results for 
Search instead for 
Did you mean: 
In first part we completed Step by Step configuration in Google Developer Console for activating Gmail API. Please refer below URL for part I:-

Link : GCP Config

In this part will share important steps for development of interfaces in SAP PI/PO for SAP-GMail integration using Json Web Token(JWT) method for OAuth.

Prerequisite :-

Email Address of Service Account, Gmail Scopes, Json Private key

b) Development of interfaces in SAP PI/PO for SAP-GMail integration using Json Web Token(JWT).

As per my requirement there are four interfaces need to be developed.

I)Google Authorization, II) Get Mail Details, III)List Mail & IV)Trash Mail


I) Google Authorization Interface :-

This interface will provide Access token from Google OAuth2.0 API. Which uses concept JSON Web Token method for Token creation.

What is JWT?

JSON Web Token (JWT) is a method by which info transmitted securely between parties as a JSON objects. And information is verified and trusted as it is digitally signed.

A JWT is composed of three parts: a header, a claim set, and a signature. (You can refer below mentioned blog post for detail understanding of creation of JWT)

Flow to call Google API's using JWT looks like below. For detail understanding of it you can refer below blog post given by google for OAuth2.0.

URL : Google OAuth2.0

Considering details given by Google to create JWT, I have created below Java program, which creates JWT token as required by Google API's, we can use this program as a UDF in Authorization Interface.

Note: This integration used in SAP PO 7.4 version, In SAP PO 7.5 latest patch JWT authentication is available in Receiver REST adapter.
public String JWTokenCreate(String giss, String gscp, String gauth, String gsub, String gidt, String gedt, Container container) throws StreamTransformationException{


// Creation of encoded header body string for Json Web Token
String Head = "{\"alg\":\"RS256\",\"typ\":\"JWT\"}";
byte[] hencrypt = Head.getBytes();
String Hencrypt = DatatypeConverter.printBase64Binary(hencrypt);

String Body = "{\"iss\": \""+giss+"\",\"sub\": \""+gsub+"\",\"scope\": \""+gscp+"\",\"aud\":\""+gauth+"\",\"exp\""+": "+gedt+",\"iat\""+": "+gidt+"}";
byte[] bdencrypt = Body.getBytes();
String Bdencrypt = DatatypeConverter.printBase64Binary(bdencrypt);

//Concate header and body used for Json Web Token
String HBfinal = Hencrypt+"."+Bdencrypt;

//Private Key
String PRIVATE_KEY = "complete private key start with BEGIN till END of key.";

// Read in the key into a String
StringBuilder pkcs8Lines = new StringBuilder();
BufferedReader rdr = new BufferedReader(new StringReader(PRIVATE_KEY));
String line;
while ((line = rdr.readLine()) != null) {

// Remove the "BEGIN" and "END" lines, as well as any whitespace
String pkcs8Pem = pkcs8Lines.toString();
pkcs8Pem = pkcs8Pem.replace("-----BEGIN PRIVATE KEY-----", "");
pkcs8Pem = pkcs8Pem.replace("-----END PRIVATE KEY-----", "");
pkcs8Pem = pkcs8Pem.replaceAll("\\s+","");

// Base64 decode the result
byte [] pkcs8EncodedBytes = DatatypeConverter.parseBase64Binary(pkcs8Pem);

// Extract the private key
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(pkcs8EncodedBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
PrivateKey privKey = kf.generatePrivate(keySpec);

//Function to create google api signature
Signature signature = Signature.getInstance("SHA256withRSA");

byte[] raw = HBfinal.getBytes("UTF-8");
byte[] signed = signature.sign();

//Create SignKey with privatekey and base64encode
String Signkey = DatatypeConverter.printBase64Binary(signed);
String finalBearer = HBfinal +"."+Signkey;

//URL Encoder for content type x-www-form-urlencoded
String encodedData = URLEncoder.encode(finalBearer, "UTF-8");

return encodedData;

catch (Exception error)
throw new RuntimeException(error);



As per Google blog post we have to create request as mentioned below in screenshot.


Above UDF is used in Request Message mapping as shown below.







In Operation Mapping I am using 3 Mappings :

- Graphical mapping for Request Message
- XSLT mapping to create JSON message
- Java mapping to create final Raw message format

For Response message normal one to one mapping is done.

In ID part REST Receiver Channel need to be configured like below as shown in screenshots

We get error from Google API in the form standard HTTP Response, for this we have to use custom error handling as below.

This configuration give us a desire Access token, which need to be used in other three interfaces for Gmail APIs.


II) Gmail API Interfaces :- (List, Get & Trash)

I am merging three API's (Get, List & Trash) Interface details in this section as it is a very simple Interfaces.

We just have to pass required Inputs with Access Token and we will get desired output.

Note: Before development, you can try test execution of API in blog post Gmail API, It will help you to understand exact inputs & outputs of API's.


A) List API :- It gives number of Unique List ID's for each mail present in Inbox.

ESR: Data type looks like below, Didn't created MM for this.

Note: Here 'Userid' we need to pass corporate email id which we used to login GCP.







ID: We have to use "Get" Method with below REST URL, Response need to be convert from JSON to XML.


B) Get API :- It gives complete mail details against Unique List ID.

ESR: Data type looks like below.

ID: We have to use "Get" Method with below REST URL.


C) Trash API :- After retrieving mail details we can move that mail from Inbox to Trash.

ESR: Data type looks like below.

ID: We have to use "Get" Method with below REST URL.

This Completes Part II. I hope this blog post will be helpful for your first SAP-Gmail Integration.

Please let me know your feedback or queries in comment box.

Labels in this area