SAP Integration Setup

Getting Started

BalkanID recommends creating a separate service account for the purposes of this integration, instead of using personal or employee named accounts.

Requirements

  • Auth-URL

  • Api-URL

  • Client ID

  • Client Secret

  • Org Name

Getting the Configuration

  1. Install the Cloud Foundry Command Line Interface (CLI)

    Follow the readme from the link.

    V7 CLI Installation Guide

  2. Test the cli cf . You should see a list of Cloud Foundry commands.If the above screen appeared, the CLI has been installed successfully.

  3. Login using CLI - cf login -a <URL>.

  4. Navigate to the space in your subaccount to view details. Follow the below procedure to generate configurations.

  5. Enter the following command in terminal. cf target -o *<org_name>* -s *<space_name>* For example: cf target -o my-org -s DEV

    1. In your subaccount, create a service instance with the api-access plan.

    2. Enter the following command: cf create-service xsuaa apiaccess *<access_name>* For example: cf create-service xsuaa apiaccess my-access

      This command creates an entry for the OAuth client in the database of the authorization server.

    3. Create a service key. Enter the following command:

      cf create-service-key *<access_name>* *<key_name>*

      For example:

      cf create-service-key my-access my-access-key

      The system creates the credentials for the OAuth client.

    4. Get the credentials for the OAuth client

      Enter the following command:

      cf service-key <access_name> <key_name>

      For example:

      cf service-key my-access my-access-key

      Getting key my-access-key for service instance my-access as my-user...

      {
      "apiurl": "[<https://api.authentication.eu10.hana.ondemand.com>](<https://api.authentication.eu10.hana.ondemand.com/>)",
      "clientid": "aa-bb-cccc11c1-d222-333e-44f4-g5g55ggg555g!a6666",
      "clientsecret": "aA1B2CcCCC3dDd+ee444fFF5ggG=",
      "identityzone": "my-subdomain",
      "identityzoneid": "a11aaaa1-22b2-33c3-dd44-5555f5555f55",
      "sburl": "[<https://internal-xsuaa.authentication.eu10.hana.ondemand.com>](<https://internal-xsuaa.authentication.eu10.hana.ondemand.com/>)",
      "tenantid": "a11aaaa1-22b2-33c3-dd44-5555f5555f55",
      "tenantmode": "dedicated",
      "uaadomain": "[authentication.eu10.hana.ondemand.com](<http://authentication.eu10.hana.ondemand.com/>)",
      "url": "[<https://my-subdomain.authentication.eu10.hana.ondemand.com>](<https://my-subdomain.authentication.eu10.hana.ondemand.com/>)",
      "verificationkey": "-----BEGIN PUBLIC KEY-----sadklfjdsaflja
      ...-----END PUBLIC KEY-----",
      "xsappname": "aa-bbbb11b1-c222-333d-44e4-f5f55fff555f!a6666"
      }

      url is equal to authUrl, org name is identityzone

Configure SAP within your BalkanID tenant

  1. Login to the BalkanID application and switch to the tenant you would like to add your integration to.

  2. Head to Integrations > Third Party Applications and click Add Integration, select SAP. Set up the Primary Application owner and the Description, if any.

  3. SAP would have been added to the list of applications. Click on the Configure and Integrate button beside the integration name, and configure the fields with the values that were noted prior. It should look like this:

  4. Once you filled in the information, click Save changes. Your integration is now configured and you will see the status of the integration displayed alongside other integrations on the Integrations page. Integrations are synced daily. When data is available, the integration Status column will read Connected and the integration Message will read Data available.

Was this helpful?