Hi experts,
I am experimenting an error trying to execute OData modification operations (POST, PUT) from a hybrid Kapsel application who consumes a SAP gateway service through SMP, for GET operations, I have no problems. I hope you can help me to solve it.
- I am using a landscape with SAP Gateway 2.0 SP 12, SMP server 3.0 SP 09, and SMP SDK 3.0 SP 10.
- The deployment of the SAP Gateway is HUB deployment with development on the business suite.
- The configuration of the app on the SMP server is next:
- 1. BACK END
- Endpoint: https://sap-gateway-hub-server:8443/sap/opu/odata/CBCR/PR_MOBORIGIN_SRV
- Rewrite Mode: Rewrite URL in Backend System
- SSO Mechanisms: Technical User (Basic)
- 2. AUTHENTICATION
- Profile Name: admin
- 1. BACK END
I am getting the same error using the app, and using a REST Client. The steps followed to execute a POST operation are next:
1. Register to the SMP application.
2. Make a GET request using the headers X-SMP-APPCID and X-CSRF-TOKEN: Fetch to obtain a token.
3. Make a POST request adding the corresponding X-CSRF-TOKEN header obtained from the step before.
4. I obtain error “403 Forbidden”“CSRF token validation failed” as a result.
- In the SAP Gateway logs from the SMICM transaction, I can see the x-csrf-token received from the request, but after some processing, the error HTTP/1.1 403 Forbidden is raised, indicating x-csrf-token: Required.
- If I execute the same process of GET x-csrf-token and after that execute a POST request direct to the SAP Gateway service (through SMP) the operation completed successfully.
