Symptom
SAP Mobile Platform (SMP) server has been configured to work with multiple endpoints on the same SAP gateway.
Those are configured on SMP within one application.
The client application is set up with LogonCore in iOS application/SDK.
On every GET request the SDK sends a header with "x-csrf-token: Fetch".
This causes the backends to send the CSRF token, which is required on client side to send along when doing POST/PUT requests.
Those backend connections provide each their own distinct token to the SMP server(which passes them along to the client)
and the client side SDK only saves the very last token received and uses it for the possible next POST/PUT request.
After connecting to endpoint X the last time and then trying to send a create request to endpoint Y at the next request,
the SDK sends the wrong token and get's a http 403 error with: "CSRF token validation failed".
Read more...
Environment
- SAP Mobile Platform (SMP) 3.0 SP07
- SAP Mobile SDK 3.0 SP07 PL02
- iOS OData application
- SOdataOnlineStore
Product
Keywords
KBA , x-csrf-token , x-csrf , csrf , multiple , gateway , endpoint , token , sodataonlinestore , online , odata , service , 403 , MOB-SDK-ODP , SAP Mobile SDK Odata SDK , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.