Agents configuration
1. Sign on to SAP CPI CF/IS using SAML2
Open Configuration → Agents page, click Edit on needed Agent. If you don’t have Agent configured read this section at first. Configure Web API Authentication setting to Custom IdP. Then you will need to do the following steps:
-
Go to your SAP BTP Cockpit and download
SAML Metadata.
-
Open the file and copy value related to
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location=. -
Go to Figaf Tool and paste Url from the previous step into
SSO Url. -
Save the agent.
-
Generate entity descriptor for the agent:
-
Go back to the SAP BTP Cockpit and upload this file as a new Trust configuration.
Don’t change anything in the configuration, just configure Name. Otherwise, there could be some issues. -
Add Role collection mappings for the IdP:
PI_Administrator,PI_Business_Expert,PI_Integration_Developerwith the attributeGroupsand the valueAdmin:
If you configure the IdP for IS system and want to synchronize Message Implementation Guideline objects, configure one more Role collection mapping
iadv-content-developerwith the attributeGroupsand the valueAdminfor the IdP.If you are going to use cpi-plugin for the agent, it’s required to create OAuth Client with
idp:signscope and use its credentials inidpApiClientIdandidpApiClientSecretproperties ingradle.propertiesfile and configure Role collection mappingPI_Integration_Developerwith the attributeGroupsand the valueDeveloperfor the IdP. -
Go back to Figaf Tool and test configuration for the agent. Select it and click on
Test configurationbutton.
If you need to regenerate entity descriptor for the agent. You need to Reset Entity Descriptor on CPI agent configuration, then generate entity descriptor and update the Trust configuration in the SAP BTP Cockpit.
|
2. Sign on to SAP CPI CF/IS using SAP Passport
Open Configuration → Agents page, click Edit on needed Agent. If you don’t have Agent configured read this section at first. Configure Web API Authentication setting to SAP Passport. Then you will need to do the following steps:
-
Go to SAP Passport and navigate to related pages to generate the certificate.
Be aware that certificate with 1024 (Medium Grade) key length isn’t supported. -
Go to Figaf Tool and create certificate. Either on
Configuration → Certificatespage or on the agent page. -
Select
Certificate. -
Save the agent.
3. Naming convention rules
Open Configuration → Agents page. If you don’t have Agent configured read this section at first.
To upload naming convention rules follow the steps:
-
Click on naming convention rules icon for the agent:
-
Upload CSV file with configuration.
It’s possible to download sample file or existing rules files. Examples of naming convention rules CSV file
Naming convention rules for PRO agent:
Tag;Object type;Sender Party;Sender Component;Interface Name;Interface Namespace;Receiver Party;Receiver Component tag1;CHANNEL;.*;.*TEST.*;.*;;; tag2;ICO;.*;.*TEST.*;TEST.*;.*;.*;.*Only ICOandCHANNELtypes are supported.CHANNELhas 3 keys,ICOhas 6 keys. Empty values are supported for Sender Party, Receiver Party and Receiver Component keys.Naming convention rules for CPI agent:
Tag;Object type;Name tag1;CPI_IFLOW;TEST.*; tag2;CPI_IFLOW;TST.*;Only CPI_IFLOWtype is supported.Naming convention rules for Api Management agent:
Tag;Object type;Name tag1;API_PROXY;.*_TST.* tag2;KEY_VALUE_MAP;.*_TEST tag3;ENCRYPTED_KEY_VALUE_MAP;.*_TESTOnly API_PROXY,KEY_VALUE_MAP,ENCRYPTED_KEY_VALUE_MAPtypes are supported. -
Once you upload the rules, related technical tags will be created and attached to appropriate tracked objects. Tag
<system-id:no-naming-validation>will be attached to objects that don’t match any naming convention rule.
If there are naming convention rules for the agent, you can either upload new rules or cleanup them completely. During cleanup operation naming convention rules will be deleted together with related technical tags. Also naming validation will be forcibly disabled in all landscapes where current agent is a source landscape item.