This control statement sets the credential for the REST execution job to connect to the cloud service.
The following authentication types can be set.
BASIC authentication
Bearer token authentication
AWS_SigV4 authentication
AzureAD authentication (Oauth2.0 clientcredentials authentication )
SAP Cloud Service authentication(Oauth2.0 clientcredentials authentication)
Proxy server authentication
Authentication of any key, value
Synopsis
The JSON format and character encoding are described in UTF -8.All data types, except sigv4Header for AWS_SigV4 authentication, are specified as string. sigv4Header is of type object.
You can register multiple credential at one time by using a list format.
The following describes the description format for each authentication type.
Control statements for the BASIC authentication
Select this authentication type when making a request with BASIC authentication.
The credential name specified for this authentication type is specified this parameter in the credential name parameter of the connection information file for the REST execution job.
{
"name": "credential Name", ------(1) (Note)
"authType": "authentication type", ------(2) (Note)
"basicUser": "user name of the BASIC authentication", ------(3) (Note)
"basicPasswd": "password of the BASIC authentication", ------(4) (Note)
"memo": "memo", ------(5)
"any key": "any value" ------(6)
}(Note): Must be specified.
(1) name Credential name
Specify the name of the credential name to be registered.
Specify a maximum of 64 bytes.
Half-width alphanumeric characters, "_" (underscore) and "-" (hyphen) can be used. However, you cannot use a hyphen (-) at the beginning.
(2) authType Authentication type
Specify basic.
(3) basicUser User name of the BASIC authentication
Specify the authentication username for BASIC authentication.
Specify a maximum of 1024 bytes.
(4) basicPasswd Password of the BASICauthentication
Specify the authentication password for BASIC authentication.
Specify a maximum of 1024 bytes.
(5) memo Memo
Specify the memo entry for the credential to be registered.
Specify a maximum of 1024 bytes.
(6) Any key Any value
If you do not want the values of query parameters or HTTP request headers specified in the REST execution job to be written directly in the connection information file, use this operand to specify an any key and value. For details on how to specify this operand in the connection information file, refer to the "19.9.1 Connection information file".
This operand can be set multiple times as long as the key name is unique.
Specify any key and any value within 1024 bytes.
Note that you cannot use a hyphen (-) as the first character of any key.
Control statements for the bearer token authentication
Select this authentication type when making a request for bearer token authentication.
The credential name specified for this authentication type is specified this parameter in the credential name parameter of the connection information file for the REST execution job.
{
"name": "credential name", ------(1) (Note)
"authType": "authentication type", ------(2) (Note)
"token": "authentication token", ------(3) (Note)
"memo": "Memo", ------(4)
"any key": "any Value" ------(5)
}(Note): Must be specified.
(1) name Credential name
Specify the name of the credential name to be registered.
Specify a maximum of 64 bytes.
Half-width alphanumeric characters, "_" (underscore) and "-" (hyphen) can be used. However, you cannot use a hyphen (-) at the beginning.
(2) authType Authentication type
Specify bearer.
(3) token Authentication token
Specify the authentication token.
(4) memo Memo
Specify the memo entry for the credential to be registered.
Specify a maximum of 1024 bytes.
(5) Any key Any value
If you do not want the values of query parameters or HTTP request headers specified in the REST execution job to be written directly in the connection information file, use this operand to specify an any key and value. For details on how to specify this operand in the connection information file, refer to the "19.9.1 Connection information file".
This operand can be set multiple times as long as the key name is unique.
Specify any key and any value within 1024 bytes.
Note that you cannot use a hyphen (-) as the first character of any key.
Control statements for the AWS_SigV4 authentication
Select this authentication type when you request an API from Amazon Web Services.
AWS_SigV4 authentication makes a request to an Amazon Web Services API by creating a signature with Signature Version 4 using an access key and adding it to the request's credentials.
For more information about Amazon Web Services Signature Version 4, refer to the official Amazon Web Services documentation.
The credential name specified for this authentication type is specified this parameter in the credential name parameter of the connection information file for the REST execution job.
{
"name": "credential name ", ------(1) (Note)
"authType": "authentication type", ------(2) (Note)
"accKey": "access key ID ", ------(3) (Note)
"secKey": "secret access key", ------(4) (Note)
"service": "service name to connect", ------(5) (Note)
"region": "region of the service to connect", ------(6) (Note)
"endpoint": "end point", ------(7) (Note)
"sigv4Header": {request header for signing}, ------(8)
"memo": "Memo", ------(9)
"any key": "any value" ------(10)
}(Note):Must be specified.
(1) name Credential name
Specify the name of the credential name to be registered.
Specify a maximum of 64 bytes.
Half-width alphanumeric characters, "_" (underscore) and "-" (hyphen) can be used. However, you cannot use a hyphen (-) at the beginning.
(2) authType Authentication type
Specify awssigv4.
(3) accKey Access key ID
Specify the access key ID for using Amazon Web Services APIs.
(4) secKey Secret access key
Specify the secret access key for using Amazon Web Services APIs.
(5) service Service name to connect
Specify the name of the service to connect.
(Example 1) AWS Batch: batch
(Example 2) AWS Lambda: lambda
For information about the format of each service name, refer to the official Amazon Web Services documentation.
(6) region Region to connect
Specify the region to connect.
(Example) Tokyo region: ap-northeast-1
For information about the format of each region, refer to the official Amazon Web Services documentation.
(7) endpoint End point
Specify the end point to connect.
(Example 1) AWS Batch service(Tokyo region): batch.ap-northeast-1.amazonaws.com
(Example 2) AWS Lambda service(Tokyo region): lambda.ap-northeast-1.amazonaws.com
For information about the API end point of Amazon Web Services, refer to the official Amazon Web Services documentation.
(8) sigv4Header Request header for signing
AWS_SigV4 authentication for REST execution jobs automatically sets "host "and" x-amz-date " as request headers for signing. If there are other request headers required for signing, specify them in the form "header name: value".
You can specify multiple header names and values in the sigv4Header object as follows.
sigv4Header: {
Header name1:Value1,
Header name2:Value2,
...
}For more information about the request header format required for signing, refer to the official Amazon Web Service documentation.
(9) memo Memo
Specify the memo entry for the credential to be registered.
Specify a maximum of 1024 bytes.
(10) Any key Any value
If you do not want the values of query parameters or HTTP request headers specified in the REST execution job to be written directly in the connection information file, use this operand to specify an any key and value. For details on how to specify this operand in the connection information file, refer to the "19.9.1 Connection information file".
This operand can be set multiple times as long as the key name is unique.
Specify any key and any value within 1024 bytes.
Note that you cannot use a hyphen (-) as the first character of any key.
Control statements for the AzureAD authentication(Oauth2.0 clientcredentials authentication)
Select this authentication type when you request an API from Azure.
AzureAD authentication enforces authentication on the Oauth 2.0 clientcredentials flow.
The credential name specified for this authentication type is specified this parameter in the credential name parameter of the connection information file for the REST execution job.
{
"name": "credential name", ------(1) (Note)
"authType": "authentication type", ------(2) (Note)
"clientId": "client ID", ------(3) (Note)
"clientSecret": "client secret", ------(4) (Note)
"endpoint": "end point", ------(5) (Note)
"resource": "resource", ------(6) (Note)
"memo": "memo", ------(7)
"any key": "any value" ------(8)
}(Note): Must be specified.
(1) name Credential name
Specify the name of the credential name to be registered.
Specify a maximum of 64 bytes.
Half-width alphanumeric characters, "_" (underscore) and "-" (hyphen) can be used. However, you cannot use a hyphen (-) at the beginning.
(2) authType Authentication type
Specify azuread.
(3) clinetId Client ID
Specify the client ID for Oauth 2.0 authentication.
For more information about the client ID format, refer to the official Azure documentation.
(4) clinetSecret Client secret
Specify the client secret for Oauth 2.0 authentication.
For more information about the client secret format, refer to the official Azure documentation.
(5) endpoint End point
Specify the end point for Oauth 2.0 authentication.
Specify the URL for obtaining the access token as follows.
Example) https://login.microsoftonline.com/<Tenant ID>/oauth2/token
For more information about the end point format, refer to the official Azure documentation.
(6) resource Resource
Specify the resource for Oauth 2.0 authentication.
For more information about the resource format, refer to the official Azure documentation.
(7) memo Memo
Specify the memo entry for the credential to be registered.
Specify a maximum of 1024 bytes.
(8) Any key Any Value
If you do not want the values of query parameters or HTTP request headers specified in the REST execution job to be written directly in the connection information file, use this operand to specify an any key and value. For details on how to specify this operand in the connection information file, refer to the "19.9.1 Connection information file".
This operand can be set multiple times as long as the key name is unique.
Specify any key and any value within 1024 bytes.
Note that you cannot use a hyphen (-) as the first character of any key.
Control statements for the SAP cloud services authentication(Oauth2.0 clientcredentials authentication)
Select this authentication type when you request an API with Oauth 2.0 authentication from SAP Job Scheduling services.
SAP cloud services authentication enforces authentication on the Oauth 2.0 clientcredentials flow.
The credential name specified for this authentication type is specified this parameter in the credential name parameter of the connection information file for the REST execution job.
{
"name": "credential name", ------(1) (*)
"authType": "authentication type", ------(2) (Note)
"clientId": "client ID", ------(3) (Note)
"clientSecret": "client secret", ------(4) (Note)
"endpoint": "end point", ------(5) (Note)
"memo": "memo" ------(6)
}(Note): Must be specified.
(1) name Credential name
Specify the name of the credential name to be registered.
Specify a maximum of 64 bytes.
Half-width alphanumeric characters, "_" (underscore) and "-" (hyphen) can be used. However, you cannot use a hyphen (-) at the beginning.
(2) authType Authentication type
Specify scs.
(3) clinetId Client ID
Specify the client ID for Oauth 2.0 authentication.
For more information about the client ID format, refer to the official SAP cloud services documentation.
(4) clinetSecret Client secret
Specify the client secret for Oauth 2.0 authentication.
For more information about the client secret format, refer to the official SAP cloud services documentation.
(5) endpoint End point
Specify the end point for Oauth 2.0 authentication.
Specify the URL for obtaining the access token as follows.
Example) https://cfazure.authentication.<Region >.hana.ondemand.com/oauth/token
For more information about the end point format, refer to the official SAP cloud services documentation.
(6) memo Memo
Specify the memo entry for the credential to be registered.
Specify a maximum of 1024 bytes.
Control statements for setting up proxy server authentication
When making an HTTP request via a proxy server, specify the proxy server authentication information for this authentication type.
The credential name specified for this authentication type is specified this parameter in the credential name parameter of the connection information file for the REST execution job.
{
"name": "credential name", ------(1) (Note)
"authType": "authentication type", ------(2) (Note)
"proxyAddress": "proxy server address", ------(3) (Note)
"proxyPort": "proxy server port number", ------(4) (Note)
"proxyUser": "authentication username for the proxy server", ------(5)
"proxyPasswd": "proxy server authentication password", ------(6)
"memo": "memo" ------(7)
}(Note):Must be specified.
(1) name Credential name
Specify the name of the credential name to be registered.
Specify a maximum of 64 bytes.
Half-width alphanumeric characters, "_" (underscore) and "-" (hyphen) can be used. However, you cannot use a hyphen (-) at the beginning.
(2) authType Authentication type
Specify proxy.
(3) proxyAddress Proxy server address
Specify the proxy server address.
Specify a maximum of 1024 bytes.
(4) proxyPort Proxy server port number
Specify the proxy server port number.
Specify between 0 and 65535.
(5) proxyUser Authentication username for the proxy server
Specify the authentication username for the proxy server.
Specify a maximum of 1024 bytes.
Required if proxy server authentication password is specified.
(6) proxyPasswd Proxy server authentication password
Specify the proxy server authentication password.
Specify a maximum of 1024 bytes.
Required if proxy server authentication username is specified.
(7) memo Memo
Specify the memo entry for the credential to be registered.
Specify a maximum of 1024 bytes.
Control statements for setting authentication of any key or value
If you do not want to perform authentication using other authentication types, and you do not want the values of query parameters, HTTP request headers, and HTTP request bodies specified in the REST execution job to be written directly in the connection information file, you can set any keys and values using this authentication type.
The credential name specified for this authentication type is specified this parameter in the credential name parameter of the connection information file for the REST execution job.
{
"name": "credential name", ------(1) (Note)
"authType": "authentication type", ------(2) (Note)
"memo": "memo", ------(3)
"any key": "any value" ------(4)
}(Note): Must be specified.
(1) name Credential name
Specify the name of the credential name to be registered.
Specify a maximum of 64 bytes.
Half-width alphanumeric characters, "_" (underscore) and "-" (hyphen) can be used. However, you cannot use a hyphen (-) at the beginning.
(2) authType Authentication type
Specify others.
(3) memo Memo
Specify the memo entry for the credential to be registered.
Specify a maximum of 1024 bytes.
(4) Any key Any value
Specify any key and value. For details on how to specify this operand in the connection information file, refer to the "19.9.1 Connection information file".
This operand can be set multiple times as long as the key name is unique.
Specify any key and any value within 1024 bytes.
Note that you cannot use a hyphen (-) as the first character of any key.