Initial setup via Postman

If your SAP system's SICF's services aren't reachable from the cloud - follow these instructions to manually populate credentials via Postman.

For Axiom zk-workflows - this option is less preferred - as all workflow data types will have to be defined manually; your Axiom workflow data types should correspond exactly the data dictionary types.

For integrations of digital wallets, payments, Vault, Nchain without zk-workflows this option is still more than sufficient and the {{prvdworkgroupid}} and {{prvdsubjectacctid}} collection variables don't need to maintained

Creating credentials

Create the organization and workgroup in Shuttle as previously described

Onboarding credentials to SAP

Download the Postman collection

Import the collection and note the requests

Login as Shuttle user

Maintain the {{shuttle_email}} and {{shuttle_password}} collection variables

Call the Authorize Access Token endpoint from the Onboarding folder

Retrieve organization details

Use the List organizations endpoint. This will automatically save the first organization id in the response to the {{prvdtenantid}} collection variable (change as necessary if you have several orgs to maintain)

Get workgroup and subject account details (for Axiom zk workflows only)

Execute the JWT Authenticate - Get access token from refresh token request

Call the List workgroups and Subject Accounts List endpoints

Note that if you created a workgroup - the {{prvdworkgroupid}} and {{prvdsubjectacctid}} collection variables are already maintained based on the first workgroup in the first organization. You can simply cross reference the console output from the list organizations response for accuracy sake for other orgs and workgroups.

Generate a refresh token

Call the JWT Authenticate - Generate long-dated refresh token endpoint

Your PRVD API key is the refresh_token attribute in the response. This is a JWT you can inspect in JWT.io.

Note: This JWT is valid for 30 days, can be revoked by the user at any time, and can be used in non-SAP applications as well

You can also create your PRVD refresh JWT token through the PRVD CLI. You'll need to maintain the {{prvdtenantid}} and {{prvdrefreshtoken}} collection variables accordingly. See this gist for an example:

Authenticate to your SAP system

Maintain the {{sapuserid}} and {{sappassword}} of your SAP system user credentials in the Postman collection variables. Also maintain the {{sapbaseurl}} referring to your SAP Gateway Hub / Fiori system

Execute the provide-abap auth - fetch token HEAD request to retrieve the necessary XCSRF token into Postman

Populate credentials to SAP

Execute the prvd tenants create POST request

You can test your credentials using the prvd tenants read GET request. The attribute reachable : true will successfully indicate your S/4 system's connectivity to PRVD APIs

Need help? Feel free to schedule a complementary guided on boarding session