/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
- There is a need to troubleshoot the scenario where Applications in SAP BTP consuming an OAuth2SAMLBearerAssertion destination fail to successfully call an OAuth2-protected remote system or API when propagating the user identity.
- Despite the Destination service handling automatic SAML assertion creation, OAuth token retrieval, and token caching, the remote call fails. As a result, the user identity is not propagated as expected to the target system, or the access token cannot be retrieved or reused. Below are some examples of errors.
404 – Not Found - Configuration with the specified name was not found
401 Unauthorized - User authentication failed
401 Unauthorized - User authentication failed: Unauthorized
- Despite the Destination service handling automatic SAML assertion creation, OAuth token retrieval, and token caching, the remote call fails. As a result, the user identity is not propagated as expected to the target system, or the access token cannot be retrieved or reused. Below are some examples of errors.
-
- There is a need to understand the end-to-end flow of how the Destination service is consumed by a Cloud Foundry application to connect to an OAuth2-protected target system using the OAuth2SAMLBearerAssertion authentication type in the SAP BTP Cloud Foundry environment.
- There is a need to understand the end-to-end flow of how the Destination service is consumed by a Cloud Foundry application to connect to an OAuth2-protected target system using the OAuth2SAMLBearerAssertion authentication type in the SAP BTP Cloud Foundry environment.
- Troubleshooting a destination type such as: OAuth2ClientCredentials, OAuthUserTokenExchange, OAuth2JWTBearer, OAuth2Password, SAMLAssertion, OAuth2RefreshToken, OAuth2AuthorizationCode, OAuth2TechnicalUserPropagation, OAuth2TokenExchange.
Read more...
Environment
SAP Business Technology Platform
Product
SAP Business Technology Platform all versions
Keywords
OAuth2SAMLBearerAssertion , destination REST calls , REST API, OAuth2ClientCredentials, OAuthUserTokenExchange, OAuth2JWTBearer, OAuth2Password, SAMLAssertion, OAuth2RefreshToken, OAuth2AuthorizationCode, OAuth2TechnicalUserPropagation, OAuth2TokenExchange , JWT, jSON Web token , KBA , BC-CP-DEST , Destination service , LOD-SF-INT , Integrations , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)