If you have been working with BTP Integration Suite, Cloud Integration (CI), and API management (APIM), then you probably have been working with some of the APIs SAP BTP provides to either build some automated tools or reporting applications, this blog aims to help you with a walkthrough on how to configure the correct entitlements, service instance, and service key to execute BTP APIM APIs in CF.
Scenario: We have an application that wants to report API usage, performance, and errors from your APIs running on APIM, we have found that SAP already provides ( hehe, conveniently) an ODATA API.
SAP has provided some documentation directly in API Business Hub:
- API Specification: we can find JSON, YAML, and EDMX.
Example using Postman view
- Authentication Methods: OAuth2.0
- Configuration Details: Sandbox and Productions URLs
Unfortunately, from API Business Hub the Business Documentation is not very clear on the BTP configuration requirements. Still, fortunately, this is precisely what I would like to cover in this blog and additionally help you understand this API and similar SAP-provided BTP APIs.
Step 1: Choose the correct URL
As part of the configuration details, we get all productive URLs for the available DC (it should be somehow evident for most), but you need to use the one where your APIM tenant is running.
For example, if your API Portal URL is
https://{TENANT-NAME].apiportal.cfapps.us21.hana.ondemand.com/shell/develop
then you should choose https://us21apiportal.cfapps.us21.hana.ondemand.com/api/1.0/AnalyticsService
as it matches your tenant.
Step 2: Choose the correct API Access Plan
This API only allows OAuth authentication method for which we need to have a clientId, clientSecret, and tokenUrl. if we analyze the URL, you will notice it is looking for apiportal resources so we need to create a service instance corresponding to this plan, which in this case is “API Management, API portal”
Note: if your URL would have us21devportal.cfapps.us21.hana.ondemand.com/api/1.0/{resource-name}, then you would need to use a plan that corresponds to “API Management, API Business Hub Enterprise”
Step 3: Assign Entity to the subaccount
Go to SAP BTP Cockpit, Entity Assignments
Find your subaccount and click “Select.”
Click on Configure Entitlements and Add Service Plans
Filter the results by typing “API” and selecting “API Management, API portal” here, we will find the plan “apiportal-apiaccess” click on Add 1 Service Plan button.
Click on Save
Step 4: Create the Service Instance
Navigate to the subaccount, go to Instances and Subscriptions, click on Create button
Select the service: API Management, API Portal
Plan: apiportal-apiaccess
Space: [Same space as your Integration Suite]
Instance Name: [Can be anything, but I suggest using naming convention {type-of-authentication}_{capability} e.g., “OAuth2_APIM”]
Click Next>
Add the following parameters and click Next>
{
"role": "APIPortal.Administrator"
}
Review the summary and click Create.
Your instance will take some seconds to be created.
Step 5: Create Service Key
Select your instance and in the new window, click on the Service Keys tab and Create button.
Enter a name I recommend meaningful description for the task, e.g., “Odata-API” and click Create.
After a few seconds, the key will be created, you can access the key values by clicking on the three dots and View.
This is where you will pull the clientId, clientSecret, and tokenUrl. In the following image, you will find this is the credentials tight to us21apiportal.cfapps.us21.hana.ondeman.com
Step 6: Testing
I. Testing in API Business Hub
Configure New Environment
Go to api.sap.com and find the corresponding API, a click on TryOut. In the right upper side you will find an environment drop-down, click on the plus icon and Add New Environment
Select the corresponding URL and enter the clientID, clientSecret, and tokenUrl from the service key. To finalize, click on Configure button.
Click the Run button, and you should get the results depending on your APIM usage.
Navigate to the “Code Snippet” tab, and you can download the code for many different languages, in this case, we are interested in the cURL, which can be imported into Postman (or any other client)
II) Testing in Postman
Import the cURL code you obtained from API Business Hub
Navigate to postman and Import, select Raw text, click Continue and Save
Create Get Auth Bearer Token Request
You can create a new Request and use the information from the Service Key or import the following cURL in your Postman and make sure you change the Username and Password
curl --location --request GET 'https://nutrigrow-na-dev.authentication.us21.hana.ondemand.com/oauth/token?grant_type=client_credentials'
--header 'Authorization: Basic {Your-Credentials-Here}'Click Send, and you will get the Bearer token in the access_token field.
Open your OData API request, navigate to the Authorization tab, select Bearer Token as the Type, and paste your Token.
Finally, click Send, you can now retrieve the information from APIM using OData API, and with this, you will be able to integrate it into your reports, applications, or iFlows.
My goal was to provide you with a guide on how to leverage APIM’s OData APIs; hopefully, this can help you in your projects, keep integrating 🖖🏻
Special thanks to Sandeep B. and Gopinath M. for their time and support.
Regards
