I developed a side-by-side app using Java + SAP Cloud SDK (Neo). The app adds records to a custom business object.
The app was working fine when I concluded development in February. Now, I need to do some additional improvements, but I can add records anymore.
I am getting the error SCBO_AUTHORIZATION/000 - You are not authorized to create XXXXXXX instance.
I assigned CBO to a business role, the custom communication scenario along with communication arrangement is in place. I tested already the service (metadata) and the user is not locked.
Here´s the error sent back from the backend:
2020 05 27 19:36:55#+00#ERROR#com.sap.cloud.extensibility.services.CockpitServiceImp##PHENRIQUE#https-jsse-nio-8041-exec-8#na#fzrl99axqb#csccapplication2#web#fzrl99axqb#na#na#na#na#Error building up cockpit. com.sap.cloud.sdk.s4hana.datamodel.odata.helper.ODataVdmErrorResultHandler$ErpODataException: The endpoint responded with HTTP error code 400.
You're not authorized to create CSCCOCKPIT instance.
Full error message:
{
"error": {
"code": "SCBO_AUTHORIZATION/000",
"message": {
"lang": "en",
"value": "You\\u0027re not authorized to create CSCCOCKPIT instance."
},
"innererror": {
"application": {
"component_id": "BC-ESI-ESF-GW",
"service_namespace": "/SAP/",
"service_id": "YY1_CSCCOCKPIT_CDS",
"service_version": "0001"
},
"transactionid": "338BDCAE69170270E005EC3E361F2498",
"timestamp": "20200527193655.5607910",
"Error_Resolution": {
"SAP_Transaction": "For backend administrators: use ADT feed reader \\"SAP Gateway Error Log\\" or run transaction /IWFND/ERROR_LOG on SAP Gateway hub system and search for entries with the timestamp above for more details",
"SAP_Note": "See SAP Note 1797736 for error analysis (https://service.sap.com/sap/support/notes/1797736)"
},
"errordetails": [
{
"code": "SCBO_AUTHORIZATION/000",
"message": "You\\u0027re not authorized to create CSCCOCKPIT instance.",
"propertyref": "",
"severity": "error",
"transition": true,
"target": ""
}
]
}
}
}
Could someone give a clue on where could the issue be?
BR,
Pietro
The error happened because all the fields in the custom business object in S/4Hana Cloud were set as "read-only".
Related
I am having problems with firebase, i just recently started learning it. Im trying to setup my rules for firebase storage but it wont stop loading and i get error message 403 from the console. Full error message in JSON is:
{
"error": {
"code": 403,
"message": "Requests from referer \u003cempty\u003e are blocked.",
"status": "PERMISSION_DENIED",
"details": [
{
"#type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "API_KEY_HTTP_REFERRER_BLOCKED",
"domain": "googleapis.com",
"metadata": {
"service": "firebaserules.googleapis.com",
"consumer": "projects/300182265570"
}
}
]
}
}`
I've tried to google for answers but I'm not any wiser on what to do.
Sidenote, i also get some error message when i try to upload files to my storage from my app about "Bucket not being properply set up".
But I can't even access the rules on firebase.console for storage.
Cheers!
I am trying to create GitHub service connection using azure Devops rest api -
In postman I put following Json Body-
{
"name": "release-1",
"type": "github",
"url": "https://github.com",
"authorization": {
"scheme": "PersonalAccessToken",
"parameters": {
"accessToken": "<Github_Personal_Access_Token>"
}
}
}
This Creates service connection but It gives error when I open service connection in UI and try to verify but if I edit and replace with same Github token In UI then it works. seems like its not taking token I am providing in Json body -
I also see information here on this ongoing issue - https://ljvmiranda921.github.io/notebook/2019/12/28/workaround-azure-github-pat/
I want to automate GitHub service connection creation.
How to create GitHub service connection using Azure Devops rest api ?
How to create GitHub service connection using Azure Devops rest api ?
Are you creating this GitHub service connection?
If so, you should use EndPoints-Create API and your Json Body can follow this format:
{
"authorization": {
"scheme": "Token",
"parameters": {"AccessToken": "YourGitHubPAT"}
},
"data": {},
"description": "",
"name": "YourServiceConnectionName",
"serviceEndpointProjectReferences": [{
"description": "",
"name": "YourServiceConnectionName",
"projectReference": {
"id": "YourProjectID",
"name": "YourProjectName"
}
}],
"type": "github",
"url": "https://github.com",
"isShared": false
}
We should enter the value of YourGitHubPAT, YourServiceConnectionName(twice in two points), YourProjectID and YourProjectName with your own values to make the body work. We can get YourProjectID via Projects-List API.
After running that in PostMan, I can verify it successfully without issues. I guess your issue may have something to do with your parameters. Use
"authorization": {
"scheme": "Token",
"parameters": {"AccessToken": "<Github_Personal_Access_Token>"}
},
Instead of
"authorization": {
"scheme": "PersonalAccessToken",
"parameters": {"accessToken": "<Github_Personal_Access_Token>"}
Update about how to enable grant access to all pipelines:
Dislike other elements like Token, Name and Description, Grant Access Permissions to all pipelines option is managed by another API.
API to enable this option:
https://dev.azure.com/{YourOrganizationName}/{YourProjectName}/_apis/pipelines/pipelinePermissions/endpoint/{YourEndPointID}?api-version=5.1-preview.1
Body:
{
"resource": {
"id": "YourEndPointID",
"type": "endpoint",
"name": ""
},
"pipelines": [],
"allPipelines": {
"authorized": true,
"authorizedBy": null,
"authorizedOn": null
}
}
Note: We need to enter EnterPointID in URL and Body. (Twice!)
In PostMan, you should use PATCH method and application/json type. The YourEndPointID is ServiceConnectionID, you can get this value from EndPoints-Create API's response.
So normally to create a service connection with "Grant Access to All..." enabled, we should run Endpoints-Create first and then run the second API to enable this option.
(And this is the same behavior in Web Portal. When we click Verify and Save button in web browser, it actually also calls these two APIs to complete the process.)
I am able to successfully execute below APIs
/v2/checkout/orders
/v2/checkout/orders/{order_id}/authorize
/v2/checkout/orders/{order_id}/capture
Why am I getting the "NOT_AUTHORIZED" response while executing PayPal refund as described here? - https://developer.paypal.com/docs/api/payments/v2/#captures_refund
POST request
https://api.sandbox.paypal.com/v2/payments/captures/<Capture ID I got from capture request>/refund
Response
{
"name": "NOT_AUTHORIZED",
"message": "Authorization failed due to insufficient permissions.",
"debug_id": "6c6xxxxx6c",
"details": [
{
"issue": "PERMISSION_DENIED",
"field": "capture_id",
"value": "XXXXXXXXX",
"description": "You do not have permission to access or perform operations on this resource.",
"location": "path"
}
],
"links": [
{
"href": "https://developer.paypal.com/docs/api/v2/payments/#NOT_AUTHORIZED",
"rel": "information_link"
}
]
}
You have to contact the PayPal support to add permission for your existing ClientId and Client secret (which works fine for PayPal V1 APIs) for V2 Refunds and Cancel request and there is no other way you can set the permission for same.
If you need to avoid this then Just create new ClientId and Client secret from PayPal accounts and it will work fine with PayPal V2 APIs.
Creating a new application with a new set of client ID and secret worked for me.
Question:
After adding a new BIM 360 Docs project using the API, how do I activate it for Document Management using the APIs? Following online tutorial does not yield expected results.
Background:
I was trying to follow a tutorial to create a BIM 360 Docs project and activate it for Document Management, as it's listed here. Project creation itself is a breeze, however the step required to activate a service does not work as outlined.
Here are my individual steps:
Create BIM 360 Project with HTTP POST https://{{ForgeURL}}/hq/v1/accounts/{{AccountId}}/projects
Created project information is returned in the response, including new project id and status, which is pending.
Attempt to add project admin and activate a service as outlined here
i. Add Project Admin - Method 1 - Documentation here lists endpoint capable of adding a project admin to a specific BIM 360 project and service type.
HTTP POST https://{{ForgeURL}}/hq/v1/accounts/{{AccountId}}/projects/{{BIM360ProjectId}}/users
{
"role":"project_admin",
"service_type":"doc_manager",
"company_id":"{{BIM360CompanyId}}",
"email":"user#email.com"
}
Response: HTTP 404 Not Found
{
"code": 1004,
"message": "this project doesn't exist."
}
ii. Add Project Admin - Method 2 - Documentation here lists endpoint capable of adding users (project admin and project user) to a project.
HTTP POST https://{{ForgeURL}}/hq/v2/accounts/{{AccountId}}/projects/{{BIM360ProjectId}}/users/import
[
{
"email": "user#email.com",
"services": {
"document_management": {
"access_level": "admin"
},
"project_administration": {
"access_level": "admin"
}
},
"company_id": "{{BIM360CompanyId}}",
"industry_roles": []
}
]
Response: HTTP 200 OK, but... it's a failure
{
"failure": 1,
"success": 0,
"success_items": [],
"failure_items": [
{
"email": "user#email.com",
"services": {
"document_management": {
"access_level": "admin"
},
"project_administration": {
"access_level": "admin"
}
},
"company_id": "716a5472-a69c-4c07-aa0c-9e54e98ff28f",
"industry_roles": [],
"errors": [
{
"message": "Services [\"document_management\"] are not active or pending in project",
"code": 2000
}
],
"project_id": "1b6f2179-8f2f-4fa7-907b-901aee7224be",
"account_id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
]
}
One can see that it complains about Services [\"document_management\"] are not active or pending in project. project_administration had to be included, otherwise it would have also complained about service project_administration required if any access_level is set as admin.
However, I can see the project using BIM 360 Docs web app Account Admin though as Inactive.
Attempt to activate a project using HTTP PATCH https://{{ForgeURL}}/hq/v1/accounts/{{AccountId}}/projects/{{BIM360ProjectId}} returns
{
"code": 1001,
"message": "You cannot change the status of a project that has no project admin."
}
iii. Add Project Admin - Method 3 - Documentation here lists endpoint capable of updating a user’s profile for a project, including the user’s access level for the project (admin or user).
HTTP PATCH https://{{ForgeURL}}/hq/v2/accounts/{{AccountId}}/projects/{{BIM360ProjectId}}/users/{{BIM360UserId}}
{
"services": {
"document_management": {
"access_level": "user"
}
},
"company_id": "{{BIM360CompanyId}}"
}
Response: HTTP 200 OK, but it's a failure
{
"account_id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"project_id": "1b6f2179-8f2f-4fa7-907b-901aee7224be",
"error": [
{
"message": "User does not exist in project",
"code": 2000
},
{
"message": "Services [\"document_management\"] are not active or pending in project",
"code": 2000
}
]
}
Long story short, I am unable to add project admin using any of the methods available.
What's more, when I add a Project Administrator there using Project Admin \ Services \ Document Management section the project status turns into Active and I am suddenly able to activate a service as outlined here.
The endpoint documentation has incorrect information pointing to payload containing
"service_types": "field"
creating a BIM 360 project with the project information that is accessible and available for all BIM 360 services, which is not what happens. One has to explicitly specify service type, e.g.
"service_types": "doc_manager"
or according to this documentation
If nothing specified, the project will be created for all the enabled
services in the account.
This allows to add a project admin using a Method 1 outlined in my question.
I am trying to upload data to google cloud storage using rest api
According to the documentations we can use this api to send data to cloud store
https://www.googleapis.com/upload/storage/v1/b/[Bucket
name]/o?uploadType=media&name=[object name]
and sending auth,content-type and content-length as header
auth can be genereted using service accounts which i generated but still unable to upload the file
i am getting this error
{
"error": {
"errors": [
{
"domain": "global",
"reason": "authError",
"message": "Invalid Credentials",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Invalid Credentials"
}
}
one of the correct way to do it would be
https://www.googleapis.com/upload/storage/v1/b/[bucket_name]/o?key={your_key}&uploadType=media&name=happy3
you can generate key from api screen in google console
other way is to go to outh2.0 playground and send request from there
it will generate header files accordingly