Recently, I was working on a client's request where in I was supposed to redirect to BOBJ report on click of a button and the user should not provide authentication details again.
After going through the SAP documentation for a while, I came through SAP's RESTful web services API. As always APIs for the win, Web services API provides a lot of features including authentication as well.
I know there are a lot of blogs on this topic but most of the blogs don't provide all the information at one place so I thought of writing this blog and combining all the information that I found in bits and pieces which might make some developers life easy :)
Different ways of Authenticating User
Web services API provide below listed ways in which a user can be authenticated:
Passing username & password (To generate logonToken)
Passing a serialized session or token from a different application already authenticated with Platform
Active Directory Single Sign-On
In this blog I am gonna focus on Using username & password.
Logon Tokens can be used in Open Document by inserting the
token parameter into the open Document URL. This token allows users access to files secured in the BI platform without being prompted for credentials.
How to create a Logon Token using web services API ?
- Make a request to get template for for providing username and password.
1.1 In order to get the template in which the username and password needs to be provided, make a request to
http://<baseURL>/logon/long using the
Accept attribute to the request header, and set its value to
1.3 You will get a response as shown in the below picture:
- Now let's use the template that we got in response of
2.1 Make a request to the same URL that we used to get the the template using
2.2 Add the
Content-Type attribute to the request header and set both of the values to
2.3 Fill out the XML template with the username, password and authentication type, and add it to request body of the new request.
In the XML template,
auth represents the authentication type,
secEnterprise for Enterprise authentication,
secWinAD for Windows AD,
secLDAP for LDAP and
secSAPR3 for SAP.
Once we make a request using
POSTmethod using the details mentioned in point 2, we will get a
logonTokentoken in response.
logonTokenthat we receive needs to be URL encoded. You can use any URL Encoder to encode the
Once we have encoded the
logonToken, we can append the token in the open document URL using the
In conclusion, I hope this blog post has provided valuable insight into accessing Open Document URLs without prompting user for authentication. If you have any questions or feedback, feel free to leave a comment.
Top comments (0)