Showing results for 
Search instead for 
Did you mean: 

Using the Authorization Management API from Hana XS

Former Member
0 Kudos

Hello everyone,

I am currently struggling with calling the Authorization Management API from an XSJS script on the HCP. The goal here is to build an XSJS Service which provides the roles given to a user in an HTML5 Application. The HTML5 frontend then shows different options/layouts depending on the roles the user has.

For this I created a .xshttpdest file

description = "HCP Authorization Management API";

host = "";

port = 80;

proxyType = http;

proxyHost = "proxy";

proxyPort = 8080;

useSSL = true;

timeout = 30000;

I setup the SSL certificate in the Trust Store as described here:

My current XSJS file for testing looks like this:

var destinationPackage = "destinations";

var destinationName = "authorizationManagementAPI";

try {

        var dest = $.net.http.readDestination(destinationPackage, destinationName);

        var client = new $.net.http.Client();

        var req = new $.web.WebRequest($.net.http.POST, "/oauth2/apitoken/v1?grant_type=client_credentials");

        client.request(req, dest);

        var response = client.getResponse(); 


        $.response.contentType = "application/json";


        $.response.status = $.net.http.OK;

} catch (e) {

        $.response.contentType = "text/plain";



Running this file results in a page which loads for a long while and then delivers the following error:

HttpClient.request: request failed: unable to establish connection to - IPcon: SSL session failed with error: "SapSSLSessionStart()==SSSLERR_SSL_CONNECT

SSL_connnect() failed (0/0x00) Huh??

  SSL:SSL_get_state()==0x2120 "SSLv3 read server hello A"

  SSL NI-hdl 12: local= peer=

  cli SSL session PSE "#_MemPSE_#803805521865518491315724"

  Target Hostname=""


Does anyone know what causes this error and/or could you explain how to call the API from our XSJS Backend?



Accepted Solutions (1)

Accepted Solutions (1)

Former Member

Thank you very much for your answer, Florian. You are right of course, however I was actually trying to simply get any response. Turns out I was using the wrong port! Since the connection uses SSL the port needs to be set to 443.



Answers (1)

Answers (1)

Active Contributor
0 Kudos

Hello Markus,

cause the API is OAuth protected, did you all the necessary stuff for OAuth (e.g. the OAuth Client Config, OAuth App Config ...)? From your provided coding it seems, that it is not done, cause it is not used.

Detailed steps can be seen in post which describes the setup for the usage of a Google API.