SAP Knowledge Base Article - Public

2820386 - Error Message "Error Code 401 during http call: Missing Credentials" in Address Validation


You have enabled Address Validation in the C4C system and configuration was performed as per the Help Center Documentation, but while entering an address into an account, system throws this error message:

"Error Code 401 during http call: Missing Credentials"


SAP Cloud for Customer

Reproducing the Issue

  1. Go to Customers work center
  2. Select Accounts view
  3. Create a new Account
  4. Maintain an address


Basic authentication which might be used for your user testing is not supported for the C4C usage of the service. Once the communication arrangement is set up in C4C, then you will need to export the client certificate and import into your SCP account. Information about doing this can be found at Client Certificate Authentication.

Possible causes:

  1. Verify that the certificate version of the endpoint is being used. The URL being used would contain “.cert” in it, e.g. <system>.<Suser>
  2. Verify that the issuer of the certificate is in the list of trusted certifying authorities provided in the Trusted Certificate Authorities for Client Certificate Authentication page of SAP Help Portal.


Ensure that the URL you are using in the communication arrangement has “.cert” in it.

At present, DQM microservices supports only client certificate when communicating with the DQM Service for Address Validation. Even though a communication arrangement supports storing the credentials for basic authentication, it is not supported for address validation within C4C.

In order to use the "cert" endpoint, you will need to import the client certificate specified in the communication settings into the consumer account (Susertrial). Information on how to do this can be found in the Data Quality Management microservices help documentation.

If all the conditions above are met, then the SCP hosting team should be notified to ensure that the load balancer is not inadvertently dropping the certificate, preventing it from being sent to the DQMm service.

Points to remember:

  • Self-signed certificates are not supported.
  • An alias name needs to be assigned to the certificate when imported into the keystore and the alias needs to be assigned to the DQMMICRO_POWERUSER role.
  • The keystore must be named dqmm.jks


dqm, microservices, 401, missing credentials, authorization , KBA , LOD-LE-RC-ADR , Address , EIM-DQM-SVS , Microservices , Problem


SAP Cloud for Customer add-ins 1908 ; SAP Cloud for Customer add-ins 1911 ; SAP Cloud for Customer core applications 1811