SAP S/4HANA via Makini API

[thiefcrazy98]

Hi everyone! We are currently trying to integrate SAP S/4HANA via Makini API into our project and we are having an authentication issue. We are using OAuth 2.0 but the system keeps returning 401 error - "unauthorized access". I have checked all the parameters like client_id and client_secret and they should be correct but the errors persist. The documentation doesn't mention anything about any hidden settings that could be affecting this. Has anyone encountered a similar issue? Any help or tips would be greatly appreciated!

[EvanDuke]

I encountered exactly the same error when setting up the integration https://www.makini.io/integrations/sap from Makini for one of the projects. Error 401 is a classic authentication problem, but the reasons can be quite varied. First, let's clarify right away that for the SAP S/4HANA API to work correctly, OAuth 2.0 must be configured correctly. Even though you checked the client_id and client_secret, there are still a few things that can be the source of the error. Check the scopes (access rights). This is probably the most common error that developers encounter. The documentation states that the API requires proper access rights configuration, and if you do not specify the necessary permissions for your client, SAP will simply not allow you to access the data. Make sure that your token contains all the necessary scopes to work with the necessary system objects, such as materials, orders, user data, and so on. Depending on what exactly you are trying to do, different permissions may be required. Check your OAuth 2.0 settings on the SAP side. For authentication to work correctly, it is important that the application you are trying to work with is registered in the SAP developer console, and that the redirect URI and grants are specified correctly in the settings. Sometimes the error may occur because the token is not generated correctly, or it does not have the necessary rights to work with this resource. In addition, it is worth making sure that during the authorization process you receive a refresh token, which is needed to automatically regenerate the authentication key.

[tbes50203]

It is interesting that the 401 error is often related to authentication, and, as a rule, many start looking for reasons in incorrect tokens. But I would add that it is also worth checking the correctness of the access rights settings at the level of the SAP system itself, because sometimes there may be a ban on access to certain data in the API, and despite the correctness of the tokens, access will be blocked.