Showing results for 
Search instead for 
Did you mean: 

BTP - Kyma and CDP

0 Kudos

Hi together,

i want to extend the CDP with Kyma. The aim is to create function in Kyma which handels the event data which comes from CDP and give some additional data back.

i followed the procedure which is described in the handbook. (Using Kyma with Extensions - SAP Help Portal)

Clicking on the host i get the following message:

{"error":{"code":401,"status":"Unauthorized","request":"93ddd5d0-fe91-4387-a001-1101863bc36a","message":"The request could not be authorized"}}

Is there an additional configuration which is required in Kyma?

Accepted Solutions (0)

Answers (3)

Answers (3)

0 Kudos

Hi Oktay,

Testing via REST API calls (Example: via Postman)

Here are the steps to get a valid JWT when testing manually, for which you'll need to have CDC also provisioned. Kindly note that this is a way to issue a JWT in the context of a user, outside an auth flow.

  1. Call accounts.getJWT REST API (Requests parameters: apiKey, userKey, secret, targetUID)
  2. Use the JWT token (i.e. id_token) from the response of step 1 above to make an API call to the API Rule endpoint of the Kyma serverless function with JWT access strategy (Issuer: "[Your-CDC-Site-API-key]/", JWKS URI: "")
    Note 1: If you're using Postman, please select the Authorization as "Bearer Token" and provide the JWT as the token.
    Note 2: You can also set the JWKS URI to: "https://accounts.[CDC_Data_Center]/accounts.getJWTPublicKey?apiKey=[Your-CDC-Site-API-key]&V2=true" when using this approach.

For more information and examples, kindly refer to the following links:

Testing via CDP

Kindly follow the steps in the following documentation page to test via CDP. The JWT will be generated by CDP and signed by a private key.

0 Kudos

Hi Jamie,
thank you for the quick response.
You are right, after clicking on the host field after setting up JWT authentication ,which is described in the handbook (i have to use the JWT as access strategies - link above)

How can i get a valid JWT in the Authorization header?

0 Kudos

I can only assume you are clicking on the host field within Kyma after setting up JWT authentication? For this to authenticate you would need a valid JWT in the Authorization header or set the API Rule to use none or allow.