This section describes different ways how the application accesses the SAP Job Scheduling service REST APIs depending on the service plan you use.
The SAP Job Scheduling service REST APIs are guarded by HTTP Basic authentication, which requires a user name and a password. Both are fetched from the VCAP_SERVICES section of the application environment after binding it to the SAP Job Scheduling service.
Use the following command to view the VCAP_SERVICES content:
$ cf env <application-name>
{
"VCAP_SERVICES": {
"jobscheduler": [
{
"credentials": {
"clientid": "PRIVATE_DATA_HIDDEN",
"identityzone": "PRIVATE_DATA_HIDDEN",
"password": "PRIVATE_DATA_HIDDEN",
"url": "https://jobscheduler-rest.cfapps.stagingaws.hanavlab.ondemand.com",
"user": "PRIVATE_DATA_HIDDEN",
"xsappname": "PRIVATE_DATA_HIDDEN"
},
"label": "jobscheduler",
"name": "js-instance",
"plan": "default",
"provider": null,
"syslog_drain_url": null,
"tags": [
"jobscheduler"
]
}
]
}
}
All APIs are accessed through HTTPS.
All data is sent and received in the JSON format. When sending data through API requests, make sure that the HTTP header
Content-typeis set toapplication/json.
You can access the REST API for a standard instance by providing an OAuth token.
You can use app bindings and service keys to generate credentials for a service instance in Cloud Foundry.
If you've bound the service instance to an application, you find the following section in the VCAP_SERVICES of your application:
{
"jobscheduler": [
{
"..": "..",
"credentials": {
"uaa": {
"apiurl": "<apiurl>",
"clientid": "<clientid>",
"clientsecret": "<clientsecret>",
"identityzone": "<identityzone>",
"identityzoneid": "<identityzoneid>",
"sburl": "<sburl>",
"tenantid": "<tenantid>",
"tenantmode": "dedicated",
"uaadomain": "<uaadomain>",
"url": "<url>",
"verificationkey": "<key>",
"xsappname": "<xsappname>"
},
"url": "https://jobscheduler-rest.<landscape-domain>"
},
"...": "..."
}
]
}
If you use binding with certificates, the binding looks different. The binding has fields that are named differently or that are missing, for example,
certificateandkeyinstead ofclientsecret.
Alternatively, you can create a service key using cf create-service-key <jobscheduler-instance-name>**<key-name> and view the credentials using cf service-key <jobscheduler-instance-name> <key-name>.
Service keys also allow the same parameters as bindings, for example, if you're using binding with certificates:
cf create-service-key <jobscheduler-instance-name> <key-name> -c parameters.json with parameters.json as:
{
"credential-type": "x509",
"x509": {
"key-length": 2048,
"validity": 7,
"validity-type": "DAYS"
}
}
Depending on the type of credentials you obtain, proceed as follows:
-
To fetch an OAuth token from xsuaa, use one of the following options:
-
Use the provided
clientidandclientsecret:Method: POST Url: <value from credentials.uaa.url>/oauth/token Header: Content-Type: application/x-www-form-urlencoded Authorization: Basic <Base64 encoded clientid:clientsecret> Cache-Control: no-cache Body: grant_type=client_credentialsThe response should look as follows:
{ "access_token": "<token>", "token_type": "bearer", "expires_in": 43199, "scope": "<scope(s)>", "jti": "<hidden>" } -
Use the provided
clientidandcertificates:Extract the value of the fields
certificateandkeyto files namedcert.pemandkey.pemof the application environment inVCAP_SERVICES.The certificate and key string in the environment contain new line escape sequences \n, which have to be replaced by actual line breaks of your OS if used in
cert.pemandkey.pem.Example using curl to retrieve the access token:
curl --cert cert.pem --key key.pem -XPOST <certurl>/oauth/token -d 'grant_type=client_credentials&client_id=<clientid>'
For more information, see Create a Service Instance Using CF CLI.
-
-
Use the
access_tokenin your request to the SAP Job Scheduling service REST API:... Url: <value from credentials.url>/scheduler/ Header: Authorization: Bearer <access_token> ...
Related Information
Create a Service Instance Using CF CLI
Create Service Keys Using the Cloud Foundry Command Line Interface