Int4 Suite SAP CPI preparation

Owned by Marcin Galczynski
Last updated: Jun 21, 2024 by Mateusz Nowak
3 min read

Please follow the video guide for configuration of SAP CPI for testing with Int4 Suite.

These settings require administrative access to the SAP BTP Tennant

 

Configuring connections from Int4 Suite to SAP CPI (Cloud Foundry)

1. Configuring API (Management) Connectivity

Option 1 - Authentication using OAuth with Client Credentials (preferred solution since version 3.4.0)

Create Service Key:
BTP Service: Process Integration Runtime
Plan: api
Key Type: ClientId/Secret
Copy url and tokenurl

 

Create RFC destination for OAuth Token Endpoint:

Connection Type: G

Target host: copy host from tokenurl field in Service key (without https:// protocol and without /oauth/token path) 

Service no. (port): 443

Basic authentication:

User: copy clientid from Service Key

Password: copy clientsecret from Service Key

SSL: Active

Assign created RFC destination in Int4 Suite Customizing Wizard (Maintain SAP Integration Suite Token RFC Destination step)

 

Create RFC destination for API (Management) Endpoint:

Connection Type: G

Target host: copy host from url field in Service key (without https:// protocol) 

Service no. (port): 443

Logon procedure: Do not use a User (leave Basic authentication fields empty)

SSL: Active

Assign created RFC destination in Int4 Suite Customizing Wizard (Maintain SAP Integration Suite Management RFC Destination step)

Option 2 - Basic Authentication of an Identity Provider User

Create Service Key:
BTP Service: Process Integration Runtime
Plan: api
Key Type: ClientId/Secret
Copy url

Create RFC destination for API (Management) Endpoint:

Connection Type: G

Target host: copy host from url field in Service key (without https:// protocol) 

Service no. (port): 443

Basic authentication:

User: user id from Identity Provider ( S-user or e-mail in case of sap.default IdP)

Password: user password

SSL: Active

Assign created RFC destination in Int4 Suite Customizing Wizard (Maintain SAP Integration Suite Management RFC Destination step)

2. Setting up Runtime (iFlow) Connectivity

Create Service Key:
BTP Service: Process Integration Runtime
Plan: integration-flow
Key Type: ClientId/Secret
Copy url

Create RFC destination for  Runtime (iFlow) Connectivity  Endpoint:

Connection Type: G

Target host: copy host from url field in Service key (without https:// protocol) 

Service no. (port): 443

Basic authentication:

User: copy clientid from Service Key

Password: copy clientsecret from Service Key

SSL: Active

Assign created RFC destination in Int4 Suite Customizing Wizard (Maintain SAP Integration Suite Runtime RFC Destination step)

 

Roles for CF:

  • AuthGroup_BusinessExpert

  • CatalogPackageArtifactsRead

  • CatalogPackagesRead

  • DataStorePayloadsRead

  • DataStoresAndQueuesRead

  • MessagePayloadsRead

  • TraceConfigurationEdit

  • TraceConfigurationRead

  • WorkspacePackagesRead

  • WorkspacePackagesEdit

  • WorkspaceArtifactsDeploy

Integration Suite HTTP Senders with Certificate Based Authorization

Lack of this step will result in a situation where during message execution in the Int4 Dispatcher HTTP receiver step, you will receive an HTTP 401 error and the message will not be passed to the tested iflow.

To be able to support HTTP senders with certificate based authorization set up on Integration Suite, the Cloud Integration own certificate needs to be added as a Key in the Process Integration Runtime Instance of BTP. 

Certificate can be downloaded from the Key Store of Cloud Integration

 

Next it should be added as as a Key to the Instance of Process Integration Runtime to the integration-flow plan in BTP Cockpit.

 

© 2017 - 2022 Int4 AG All rights reserved