I am writing this blog in extension to my JWT token blog . There are many Standard SAP CPQ REST API which works with Cookies along with JWT token and Bearer Token. This blog will help to fetch ASP.Net_SessionId Cookie, WebCom-lbal cookie and X-CSRF-Token Cookie from CPQ and pass the same value as header while calling POST method for Standard SAP CPQ REST API.IF we do not include these cookies , CPQ rest API will return 403 forbidden error to SAP CPI.



Here I will be creating 1st iflow which will be main iflow to send data to CPQ REST API and and it will cal 2nd iflow where we will fetch Cookie and JWT token and return all these values to 1st iflow.


1st Integration Flow

In the 1st iflow HTTP will be sender adapter ,which we will call from POSTMAN.

Here in 1st request reply ,we will call out 2nd iflow to fetch Cookie and Token  via ProcessDirect call.

Once we get the response from 2nd iflow, we use Content modifier 1 to get Token Value.

In 2nd content modifier,we set all cookie .

since We are not sending any payload from Postman, I have hardcoded it in Content modifier’s  “message body”. this JSON format you can check from Reference URL I shared, It has all API and its input format. here I am updating the price for a given production for a given pricebookid .after successful update ,it will return  PricebookEntryId.





Then we make call to Standard CPQ Rest API


2nd Integration Flow

From our 1st IFlow we make call to 2nd iflow to Fetch JWT token and Cookies from CPQ system via ProcessDirect call.

In this iflow ,We are fetching Cookie 1st then Bearer Token and then JWT token.

We need no payload to cll this API hence sending blank {}  in 1st Content Modifier



In 1st Request Reply , we make HTTPS call to CPQ API Which returns ASP.Net_SessionId Cookie, WebCom-lbal cookie and X-CSRF-Token Cookie from CPQ.


Then we fetch these cookie value as header in Content Modifier ,and make it in XML format in Content Modifier Message Body


Then create a Message Mapping to fetch all these 3 Cookie valus in separate fields by writing simple logic using standard function with the help of Index value of each Cookie as “Set-Cookie” field will return value like this


Then in Content Modifier we set these 3 values as header which we have used in our 1st iflow  in 2nd Content Modifier.

Then from Content Modifier 6 ,as shown in image,we set message body to fetch Bearer Token from CPQ,Which is explained in this blog.

CPQCPI2-SAP CPQ REST API Authentication via JWT token in CPI | SAP Blogs

Request you to follow the blogs for all steps after this step.




Once both the iflows are saved and deployed, we make call to 1st iflow from Postman app with blank body and Before that we enable trace for both the iflows to check the logs and response from CPQ,

This is my end point for 1st iflow

Logs for iflow 2-

Here in this image we can see the “Set-Cookie”value after HTTPS call. Before Mapping Cookie is encoded in SHA.

After message mapping we get all 3 value in separate header. Sometimes Webcom cookie will be missing.


Here are the run time logs for iflow 1:

Content modifier contains token and Cookie values returned from 2nd iflow.

So when we make call to CPQ API, it will have all the headers required for successful call and it will return the successful message .Same we can see in postman and iflow.






Please feel free to suggest any modification required.


Thanks and Regards,

Pooja Tiwari

Randa Khaled

Randa Khaled

Author Since: November 19, 2020

0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x