![]() Template Tags can be added to a target field by pressing the Ctrl + Space keys, and their configuration is shown once you click on them. In this example, we are going to add it to the assertion form parameter of the POST request , but depending on where your SAP SuccessFactors data center is located this URL might change – check the SAP Note 2215682 – Successfactors API URLs for different Data Centers – SAP for Me to verify the correct API URL for your case. ![]() Add the SAML Assertion – SFSF Template Tag where required.A modal screen will be shown so that you can select the collection exported from Postman – click on Import and you must receive a confirmation that the collection was successfully imported: In this example I am going to import Postman’s exported collection into Insomnia to add the Template Tag SAML Assertion – SFSF to existing testing cases (check the documentation for more details on how to do that in Postman). Go to My Collection -> Import/Export: Select the Import Data -> From File option.Once Insomnia is opened, you have to confirm the installation by clicking in the Install button:Īlternatively, you can also open the Insomnia application under the menu Application -> Preferences , tab Plugins and install the plugin by entering its corresponding npm package name insomnia-plugin-sfsf-samlassertion under the npm-package-name field and pressing the Install Plugin button: Once you have downloaded and installed Insomnia ( ), you will find under the link the Install Plugin button that will start the Insomnia application and the plugin installation process.Here are some steps to install the SAP SuccessFactors SAML Assertion plugin: ![]() Once the plugin is properly installed, the Template Tag SAML Assertion – SFSF will be available for use. Here are the Insomnia/npm links of the SuccessFactors SAML Assertion plugin: Insomnia Plugin: Installation and Configuration The downsides I’ve recognized so far are that the Insomnia’s Free version does not allow team collaboration and test collections are not saved in the cloud. Moreover, it allows to import Postman’s Collection files, which speeds up the tool onboarding. And what a pleasant surprise! Their plugin concept is quite powerful and allowed me the usage of external npm libraries to develop a Template Tag for generating the SAML Assertion right before the request is sent to the endpoint – exactly what I wanted! Besides, the seamlessly integrated Chrome V8 JS engine made debugging way easier, which was key during the plugin development process. Would that then be a reason to lose sleep? □Īt this point I decided to give another API test tool called Insomnia a try. Even when I somehow managed to workaround it, Postman’s Node.js sandbox has limited cryptographic capabilities, which turned the signature of the SAML Assertions impossible. Unfortunately, it was easier said than done… □ The Node.js sandbox of Postman is quite restrictive and does not allow the usage of well-established npm libraries for SAML Assertion / XML signature. Postman is the ubiquitous test tool for API’s nowadays and it I was decided to embed the SAML Assertion routines in its Pre-Request Scripts. The challenge is then set: how to integrate this process of generating SAML Assertions to the API test clients? Or even worse: you might be using the /oauth/idp API from SuccessFactors to get your SAML Assertions generated, which is also going to be deprecated due to security risks! Check this SAP SuccessFactors Documentation to more information on that: Deprecation of OAuth IdP API /oauth/idp | SAP Help Portal. However, if you are using the SAP SuccessFactors Offline SAML Generator, then you are probably relying on the external Java tool available in the SAP Note 3031657 – SAP SuccessFactors SAML Assertion format demonstration using SAP Provided offline tool – SAP ONE Support Launchpad, which might not be well-integrated to your API test tool as you have to manually copy/paste the externally generated SAML assertion to your test cases. The steps involved in enabling an OAuth2 client are described in the SAP SuccessFactors Documentation and this blog is focused on the step 2 – Request SAML assertion of the flow diagram that is depicted in there:Īssuming that you use a third-party Identiy Provider (short IdP) to issue SAML Assertions, then you might have already adjusted your SAP SuccessFactors test cases and authentication flows according to your IdP request/response expectations. ![]() If you regularly call the SAP SuccessFactors’ OData API’s for test purposes using your API test tool of choice, chances are that you are already aware that the Basic Authentication is deprecated and must not be used instead, the authentication using OAuth 2.0 is the preferred method to access its API’s. ![]()
0 Comments
Leave a Reply. |