Symptom
While trying to call API of external service, the header into the request executed by AJAX is truncated and the request shows "not authorized".
Backend ICM trace shows the following response:
[...]
0XXXXX | 3XXXXXXX 0XXXXXXX 7XXXXXXX 6XXXXXXX 7XXXXXXX 7XXXXXXX 6XXXXXXX 3XXXXXXX |. <h2>401 - Unauthorized: Acces|
0XXXXX | 3XXXXXXX 0XXXXXXX 7XXXXXXX 6XXXXXXX 7XXXXXXX 7XXXXXXX 6XXXXXXX 3XXXXXXX |s is denied due to invalid crede|
0XXXXX | 3XXXXXXX 0XXXXXXX 7XXXXXXX 6XXXXXXX 7XXXXXXX 7XXXXXXX 6XXXXXXX 3XXXXXXX |ntials.</h2>.. <h3>You do not h|
0XXXXX | 3XXXXXXX 0XXXXXXX 7XXXXXXX 6XXXXXXX 7XXXXXXX 7XXXXXXX 6XXXXXXX 3XXXXXXX |ave permission to view this dire|
0XXXXX | 3XXXXXXX 0XXXXXXX 7XXXXXXX 6XXXXXXX 7XXXXXXX 7XXXXXXX 6XXXXXXX 3XXXXXXX |ctory or page using the credenti|
0XXXXX | 3XXXXXXX 0XXXXXXX 7XXXXXXX 6XXXXXXX 7XXXXXXX 7XXXXXXX 6XXXXXXX 3XXXXXXX |als that you supplied.</h3>.. </|
0XXXXX | 3XXXXXXX 0XXXXXXX 7XXXXXXX 6XXXXXXX 7XXXXXXX 7XXXXXXX 6XXXXXXX 3XXXXXXX |fieldset></div>..</div>..</body>|
0XXXXX | 3XXXXXXX 0XXXXXXX 7XXXXXXX |..</html>.. |
[...]
Read more...
Environment
SAP Cloud Platform with AJAX requests
Product
Keywords
header allowlist, custom header, custom headers, 401 - Unauthorized, 401 Unauthorized, AJAX, header, headers, allowlist headers, allowlist header , KBA , whitelist , whitelisting , whitelist headers , whitelist header , header whitelist , BC-NEO-RT-HTML5 , Runtime HTML5 Applications , BC-NEO-CON , Neo to On-premise Connectivity service , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.