SAP Mobile Platform 2.3: Developer Guide: REST API Applications

Developer Guide: REST API Applications
SAP Mobile Platform 2.3

DOCUMENT ID: DC01926-01-0230-01
LAST REVISED: February 2013
Copyright © 2013 by Sybase, Inc. All rights reserved.
This publication pertains to Sybase software and to any subsequent release until otherwise indicated in new editions or
technical notes. Information in this document is subject to change without notice. The software described herein is furnished
under a license agreement, and it may be used or copied only in accordance with the terms of that agreement.
Upgrades are provided only at regularly scheduled software release dates. No part of this publication may be reproduced,
transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical, or otherwise, without the prior
written permission of Sybase, Inc.
Sybase trademarks can be viewed at the Sybase trademarks page at http://www.sybase.com/detail?id=1011207. Sybase and
the marks listed are trademarks of Sybase, Inc. ® indicates registration in the United States of America.
SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered
trademarks of SAP AG in Germany and in several other countries all over the world.
Java and all Java-based marks are trademarks or registered trademarks of Oracle and/or its affiliates in the U.S. and other
countries.
Unicode and the Unicode Logo are registered trademarks of Unicode, Inc.
All other company and product names mentioned may be trademarks of the respective companies with which they are
associated.
Use, duplication, or disclosure by the government is subject to the restrictions set forth in subparagraph (c)(1)(ii) of DFARS
52.227-7013 for the DOD and as set forth in FAR 52.227-19(a)-(d) for civilian agencies.
Sybase, Inc., One Sybase Drive, Dublin, CA 94568.
Contents
REST Services Applications ................................................1
Documentation Roadmap for SAP Mobile Platform ...........3
Prerequisites ..........................................................................5
Application Requirements ...............................................5
Authentication ........................................................5
Supported Username Variations ............................6
HTTP Cookies ......................................................6
Relay Server Pass-Through Mode for HTTP Clients ......6
Reverse Proxies ..............................................................7
Client Libraries ................................................................7
Configuring SAP Mobile Server ......................................7
Creating a Security Configuration for a Domain
...........................................................................8
Creating an Application ..........................................8
Creating a Proxy Connection (Whitelisting) ...........9
Managing Applications Connections ....................10
Assigning the Security Configurations .................11
Developing the Application ................................................13
Request URL Format ....................................................13
Example URL .......................................................14
Creating an Application Connection .............................14
Anonymous Application Connections .................15
Getting Application Settings .........................................15
Getting Changed Settings ...................................16
Registering the Client for Native Push Notification .......16
Registering the Android Client .............................16
Registering the BlackBerry Client ........................18
Registering the iOS Client ...................................18
Setting or Updating Application Settings ......................19
Deleting an Application Connection ..............................20
Retrieving a Customization Resource Bundle .............20
Developer Guide: REST API Applications iii

Contents
Uploading Business Transactions for Tracing ..............21

Accessing a Service through a Proxy URL ..................21
Reference .............................................................................23
HTTP Headers and Cookies .........................................23
Application Connection Properties ...............................24
Proxy Responses ..........................................................27
Application Connections ...............................................28
Service Document ...............................................28
Metadata ..............................................................29
Create Application Connection ...........................31
Get Application Settings .....................................32
Get Application Settings (Property) .....................35
Update Application Settings (PUT) ......................36
Update Application Settings (MERGE) ................37
Delete Application Connection .............................38
Application Customization Resource Bundles ..............39
Download Customization Resource Bundle .......39
Business Transactions ..................................................40
Upload BTX .........................................................40
Proxy Connections ........................................................41
Access External Service .....................................41
Index ..................................................................................43
iv SAP Mobile Platform

REST Services Applications

The SAP® Mobile Platform REST Services API enables standard HTTP client applications
running in any platform to access SAP Mobile Platform REST services.
SAP Mobile Server provides REST services so that applications can be built as any standard
HTTP application to leverage SAP Mobile Server for security and push features among
others.
The client application should first register an application connection with device information,
such as device type, push information and password capability and so on. After registering,
application can retrieve and update the application connection settings through REST API.
You can enable or disable the push notification only after registering.
Note: The application connection can be deleted through REST API, when it is not in use. In
this case, the data stored by application in the custom fields of the application connection will
be lost.
The application can download resources (such as meta-data files, multimedia files, and so on.)
through resource bundles service, in order to initialize client application.
Then, the application can access SAP Gateway through proxy service, and receive native push
notification triggered by gateway if push properties are configured and enabled. If application
supports can also upload the business transactions for tracing using BTX service.
This development approach supports:
• Registration (creating an application connection)
• Authentication
• Native push notification
• Configuration
You build your client applications using third party developer tools, and without using any
SAP Mobile SDK or native client libraries. SAP Mobile Platform provides management and
monitoring of the applications, and support for native push notification such as Apple Push
Notification Service, BlackBerry Enterprise Server push, or Google Cloud Messaging.
Optionally, you may use certain SAP Mobile Platform native client libraries to enable
complex application capabilities, such as OData parsing and building, caching, or data vault
management. You may also use third party JavaScript helper libraries such as those from
Sencha, Appcelerator, or Adobe PhoneGap. For more information, see Developer Guide:
OData SDK.
Developer Guide: REST API Applications 1

2 SAP Mobile Platform

Documentation Roadmap for SAP Mobile Platform
Documentation Roadmap for SAP Mobile

Platform
SAP® Mobile Platform documents are available for administrative and mobile development
user roles. Some administrative documents are also used in the development and test
environment; some documents are used by all users.
See Documentation Roadmap in Fundamentals for document descriptions by user role.
Check the Product Documentation Web site regularly for updates: http://sybooks.sybase.com/
sybooks/sybooks.xhtml?id=1289&c=firsttab&a=0&p=categories, then
navigate to the most current version.

Documentation Roadmap for SAP Mobile Platform

Prerequisites
Prerequisites
Review the prerequisites for developing an HTTP client application to access SAP Mobile
Platform REST services.
Application Requirements
Ensure that application meets the necessary requirements for authentication, user names,
cookies, and client libraries.
Authentication
Set up your HTTP client to use one of four types of authentication.
• Basic authentication – Provide a username and password to login. This method is
available when connecting through HTTP and one-way HTTPS.
• SSO token – Provide an SSO token to login. This method is available when connecting
through HTTP and HTTPS and a token validation service is available and configured.
• X.509 Mutual authentication – Provide a client certificate to login. This method is
available only through an appropriately configured HTTPS listener.
• X.509 Mutual authentication through intermediary – Provide a forwarded client
certificate to login; the forwarded certificate is provided by the SSL_CLIENT_CERT
header. The SSL_CLIENT_CERT header contains a forwarded PEN-encoded client
certificate. This method is available only through an appropriately configured HTTPS
listener. The certificate forwarder must have the "SUP Impersonator" role to be authorized
for this type of login. The certificate of the actual "SUP Impersonator" user cannot be used
as a regular user certificate.
Intermediary refers to the relay server or an apache reverse proxy. The requests are sent on
mutual SSL connection from client to intermediary and then intermediary to SUP. From
client to intermediary, client certificate is used on transport level. From intermediary to
SUP, the impersonator certificate is used on transport level. The client certificate is
forwarded as SSL_CLIENT_CERT HTTP request header.
A request targeting a resource that requires authentication fails with error code 401 unless X.
509 mutual authentication is used to establish a valid authenticated request context (The
certificate validation login module must exist in the security configuration used to
authenticate the request and the certificate validation must be successful and sufficient. If that
is not the case, regular username/password or token authentication is attempted and the
request is authenticated equal to a non X.509 authenticated connection). After three
subsequent failed authentication attempts using the same X-SUP-SESSID, the fourth attempt
fails with a 403 error code.

Prerequisites
Authentication Challenges
Your application must be able to respond to standard HTTP authentication challenges.
Supported Username Variations

The following username variations are supported.
• user – A regular username is used.
• [email protected] – An email address is used as the username. For example,
[email protected].
• user@sc – A regular username is used and the security configuration is overridden by a
username suffix.
• [email protected]@sc – An email address is used as the username and the security
configuration is overridden by a username suffix. For example, [email protected]@sc.
For those usernames that override the security configuration, both the default security
configuration associated with the domain as well as the security configuration specified in the
X-SUP-SC request header are overridden. You must associate the specified security
configuration with the domain to allow a successful connection, otherwise a 403 error is
returned to the HTTP client. If a request refers to a non- existent domain or security
configuration, a 404 error is returned. If you use mutual X.509 authentication with certificates,
you can only override the domain default security configuration using request headers. If the
specified security configuration does not exist, a 404 error is returned.
HTTP Cookies
Ensure that you enable HTTP cookies in your application. See RFC 6265 for information on
standard HTTP cookie processing.
Relay Server Pass-Through Mode for HTTP Clients

HTTP clients can connect through a Relay Server to SAP Mobile Server to use the REST
services.
Due to some techincal limitations, URL rewrite is not supported for the applications. To
support the URL rewrite, application has to provide the backend request URL as a request
header namely X-SUP-BACKEND-URL while sending the request to SAP Mobile Server.
When this request reaches to the SAP Mobile Server, the server forwards the request to the
URL as provided in the X-SUP-BACKEND-URL. Upon receiving the response, backend
returns the response to the application without any change. Thus in this case the backend URL
present within the response body are not re-written by the SAP Mobile Server. If the
application uses these URL for the subsequent calls, then such calls will not be returned to the
SUP server. Hence, the application should add the backend request URL to the X-SUP-
BACKEND-URL header for each request message.

Prerequisites
Reverse Proxies
Requirements for third party reverse proxies for use with SAP Mobile Platform.
The reverse proxy must be a straight pass-though proxy server. Ensure the reverse proxy meets
these requirements:
• Does not change the content encoding of the requests or responses. Chunked transfer
encoding is the required data transfer mechanism. Content-length encoding is not
supported.
• Does not remove any HTTP headers.
• The timeout period (if any) must be greater than the timeout used by the clients.
• The resulting URL that is passed to the SAP Mobile Platform must be http://
HostName/[public/]<AppID>, where [public] is optional and if included
anonymous connection is allowed. Example, http://suphost/public/empDir.
Client Libraries
Optionally, you can include certain SAP Mobile Platform or OData client libraries from the
SAP Mobile SDK to enable complex application capabilities, such as OData parsing and
building, or data vault management.
You can include the following libraries if needed by your application:
• Datavault (for secure storage of sensitive data, or password policy capabilities)
• iOS, Android, or BlackBerry clients can use certain OData libraries:
• OData parser (SDM parsing libraries)
• OData Persistence and Cache
Do not include the following libraries:
• SAP Mobile Platform proxy libraries from the OData SDK
• Other native SAP Mobile Platform libraries
Configuring SAP Mobile Server

Configure access for authenticated or anonymous HTTP clients to connect to SAP Mobile
Server through a proxy connection.
Note: The administrator must configure SAP Mobile Server before you develop HTTP client
application.

Prerequisites
Creating a Security Configuration for a Domain

Define a set of security providers in SAP Control Center to protect domain resources,
according to the specific security requirements of the domain. Create a security configuration,
then map it to the desired domain.
A security configuration determines the scope of data access and security. A user must be part
of the security repository used by the configured security providers to access any resources
(that is, either a SAP Control Center administration feature or a data set from a back-end data
source) on a domain. See Security Configurations in the Security guide.
When you create a new security configuration, SAP Mobile Platform sets the NoSecurity
provider by default. SAP recommends that after you add, configure, and validate your
providers, you remove the NoSecurity provider. For more information on the NoSecurity
provider, see NoSecurity Configuration Properties inSAP Control Center for SAP Mobile
Platform.
1. In SAP Control Center, add a new security configuration using the Security node.
2. In the left navigation pane, expand the Security folder and select the new configuration.
3. Use the Authentication, Authorization, Attribution, and Audit tabs to configure the
appropriate security providers for each aspect of domain security.
4. Edit the security provider properties, as required.
5. Validate the configuration to ensure that SAP Mobile Server accepts the changes.
6. Apply the changes to SAP Mobile Server.
Creating an Application
Create a new application in SAP Mobile Server.
1. In the left navigation pane of SAP Control Center, click the Applications node and select
the Applications tab in the right administration pane.
2. Click New to register an application.
3. In the Application Creation Wizard, enter a unique Application ID.
4. Enter a Display name and Description for the application.
5. Select the appropriate security configuration from the Security configuration drop-down
list.
6. (Optional) For applications that do not require authentication, select the anonymous
security configuration or the Anonymous access checkbox.
7. Select the appropriate domain from the Domain drop-down list.
If you do not select the specific security configuration and domain from the list, the default
values will be considered.
8. Click Finish to register the application with the configured settings.

Prerequisites
For more information, see SAP Control Center for SAP Mobile Platform > Administer >
Applications > Defining Applications > Creating REST API Application Definitions.
Creating a Proxy Connection (Whitelisting)

Create a new connection in SAP Control Center to allow a proxy connection (authenticated or
anonymous) through SAP Mobile Platform.
Note: When you set the proxy property with the endpoint address in the application template
(either as part of the application creation or editing the application template created for that
application), a proxy connection is generated automatically.
1. In the left navigation pane, expand the Domains folder, and select the default domain.
2. Select Connections.
3. In the right administration pane, select the Connections tab, and click New.
4. Enter a unique Connection pool name.
5. Select the Proxy Connection pool type.
6. Select the appropriate template for the data source target from the Use template menu.
7. Set the Address property by clicking the corresponding cell and entering the address of the
proxy endpoint. For example, http://odata.example.com/v2/Catalog/
8. Configure the following optional properties:
Note: You must manually enter the EnableHttpProxy and EnableUrlRewrite
properties; these properties are not pre-populated in the menu. To access an external
service, you must configure the http.proxyHost and http.proxyPort properties
during server configuration in SAP Control Center > Servers > Server Configuration >
General > User Options. If you set or change the setting for http.proxyHostand
http.proxyPort, you must restart the services using the stop/start service scripts. For
more information, see Administer > SAP Mobile Server > Configuring SAP Mobile
Server to Securely Communicate With an HTTP Proxy in SAP Control Center for SAP
Mobile Platform .
• Allow Anonymous Access – Enables anonymous authentication to SAP Mobile
Platform.
• Certificate Alias – Client SSL certificate stored in the SAP Mobile Platform keystore
to be forwarded to the EIS.
• Username – Username passed to the EIS.
• Password – Password passed to the EIS.
• EnableHttpProxy – Enables Internet proxy support in the proxy connector.
EnableHttpProxy defaults to false. Set explicitly to true to enable.
• EnableUrlRewrite – Enables the proxy component to rewrite URLs (or URIs)
embedded in a response, with SUP URLs that causes the client requests to be directed

Prerequisites
back to the SAP Mobile Server (proxy component), rather than to the back end server.
EnableUrlRewrite defaults to true. Set explicitly to false to disable.
• ProxyHost – Host name of the proxy server.
• ProxyPort – Port number.
Note: On a proxy connection, if the header for X-SUP-BACKEND-URL is not NULL, or
EnableURLRewrite is false then no URL rewrite occurs for either the request or
response content.
Note: To access the external services, you must configure EnableHttpProxy = True,
ProxyHost = proxy, ProxyPort = 8080 in the connection pool.
9. Click OK to register the connection pool.
Managing Applications Connections

Manage application connections for authenticated users by creating a application template
based on the template that was automatically created when you added the application.
Creating Application Connection Templates

Create application connection templates by setting appropriate properties and values.
1. In the left navigation pane, click the Applications node.

2. In the right administration pane, click the Application Connection Templates tab.
3. Click New.
4. Enter the Template name and Description for the application connection template.
5. Select the Base template from the drop-down list.
6. You can configure any of the following profiles. See Application Connection Properties:
• Application Settings
• Android Push Notifications
• Apple Push Notifications
• BlackBerry Push Notifications
• Capabilities
• Connection
• Custom Settings
• Device Advanced
• Device Info
• Password Policy
• Proxy
• Security Settings
• User Registration
7. Click OK.

Prerequisites
Assigning the Security Configurations

Assign the anonymous and authenticated security configuration to the domain.
1. In the left navigation pane, navigate to ClusterName > Domains > DomainName >
Security.
2. In the right administration pane, select the Security Configurations tab and click
Assign.
3. From the list of available security configurations, select the appropriate configuration for
domain security, and click OK.
To allow HTTP clients anonymous access, select the anonymous security configuration,
and to allow authenticated access, select one or more security configurations that you
created.
If successful, an Assigned successfully message appears, and the newly added security
configuration is listed in the domain-level Security node.

Prerequisites

Developing the Application

Develop your HTTP client application to use the REST Services API to access SAP Mobile
Platform REST services.
Request URL Format

The HTTP client can access SAP Mobile Platform services using a specific URL format.
For accessing services directly through SAP Mobile Server without a Relay Server:
http://domain:port/[public/]/{resource}/{resource-specific}
Domain is defined by host name and should match with the domain registered with SAP
Mobile Platform. If the requested domain name does not match, default domain will be used.
The resource represents one of the built-in SAP Mobile Platform services for managing
application registration, settings, or customization resource bundles, or one of the configured
Proxy Connection endpoints.
The resource-specific part of the URL specifies the actual resource being referenced.
For accessing services where a Relay Server is configured with the SAP Mobile Server, the
URL you use depends on whether Relay Server is installed on an IIS or Apache host.
For an IIS host:
http://{RelayServerName}:80/ias_relay_server/client/rs_client.dll/
{Unwired Server Farm ID}/[public/]/{ProxyName}
For an Apache host:

http://{RelayServerName}:80/cli/iasrelayserver/{Unwired Server Farm
ID}/[public/]/{ProxyName}
Requests to SAP Mobile Platform require valid transport credentials unless made over a SAP
Mobile Platform protocol (Messaging-based synchronization and its Java implementation) or
they explicitly request a public resource (indicated when a resource in the "public" context is
requested). Each SAP Mobile Platform domain can authenticate requests by using a default
security configuration. If a domain has no default security configuration defined, the default
security configuration, "admin," is used to authenticate the request.
By explicitly setting the HTTP headers, you can override the domain used to resolve the
targeted endpoint, as well as the security configuration used to authenticate a request. For
more information, see HTTP Headers and Cookies on page 23.
The resource part of the URL corresponds to a proxy endpoint name (connection type
PROXY). The SAP Mobile Platform Proxy component handles any request made towards a

configured Proxy Connection Endpoint and later forwards the request to the URL specified in
the connection template.
Example URL
Example of an HTTP URL request.
http://mobile.sap.com/com.sap.mobile.endpointABC/mybackendurl
The "mobile.sap.com" part of the URL refers to the SAP Mobile Platform domain name, and
"com.sap.mobile.endpointABC" is the connection name as defined within the scope of the
SAP Mobile Platform domain "mobile.sap.com".
In SAP Mobile Platform, there must be a proxy endpoint named
"com.sap.mobile.endpointABC" within the "mobile.sap.com" or "default" domains. If the
connection "com.sap.mobile.endpointABC" is undefined, the device receives a 404 error.
Creating an Application Connection

You must explicitly register the application connection using the SAP Mobile Platform. You
can specify customized application properties for the client with the request. You should
provide the application connection ID, X-SUP-APPCID, using an explicit request header or a
cookie. If the value is missing, the SAP Mobile Server generates a Universally Unique ID
(UUID), which is communicated to the device through response cookie X-SUP-APPCID.
Note: OData proxy client must support cookies for registered users. During registration, the
server sends the X-SUP-APPCID in a cookie. The client sends the cookie back in subsequent
requests or set the X-SUP-APPCID in a header.
Create an anonymous or authenticated application connection by issuing a POST request to
the following URL, and include the application connection properties in the request.
http://domain:port/[public/]/odata/applications/{v1|latest}/
{appid}/Connections
The URL contains these components:

• domain – Domain is defined by host name and should match with the domain registered
with SAP Mobile Platform . If the requested domain name does not match, default domain
will be used.
• port – The port for listening for OData requests; by default, 8000.
• “public” prefix – If included, an anonymous security configuration is used.
• odata/applications/ – Refers to the OData services associated to the application
resources.
• {V1|latest} – The version of the service document.
• appid – The name of the application.
• Connections – The name of the OData collection.
Application connection properties are optional. You can create an application connection
without including any application properties. For the usage and description of application

connection properties, search for Application Connection Properties in System

Administration .
DeviceType is an application connection property that you may typically set. Valid values
for DeviceType are:
• Android – Android devices.
• iPhone – iOS devices.
• Blackberry – Includes devices with BlackBerry OS 5 and below.
• Rim6 – Includes devices with BlackBerry OS6 and above.
• WinMobile – Includes devices with Windows Mobile 5 for Pocket PC and Windows
Mobile 6 Professional.
• WinSmartPhone – Includes devices with Windows Mobile 5 for Smart Phone and
Windows Mobile 6 Standard.
• Windows – Includes desktop or servers with Windows OS, such as Windows XP,
Windows Vista, Windows 7, Windows Server series OS.
Specifying any other value for DeviceType causes "Unknown" to be returned in the
DeviceType column.
For following example shows the HTTP request body to register an application connection
using default values for all properties.
<?xml version="1.0" encoding="UTF-8"?>
<entry xmlns="http://www.w3.org/2005/Atom" xmlns:m="http://
schemas.microsoft.com/ado/2007/08/dataservices/metadata"
xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices">
<content type="application/xml">
<m:properties/>
</content>
</entry>
Anonymous Application Connections

For an anonymous application connection, an X-SUP-SECTOKEN cookie is generated when
you create the application connection, and you must include the X-SUP-SECTOKEN in
request header and cookie during subsequent read or write requests for the application
settings. If you do not provide an X-SUP-SECTOKEN in the request for the anonymous
application settings, you will receive a 403 error.
Getting Application Settings

You can retrieve the application connection settings for the device application instance by
issuing the GET method.
You can retrieve application settings by either explicitly specifying the application connection
ID, or by having the application connection ID determined from the call context (that is, from

either the X-SUP-APPCID cookie or X-SUP-APPCID HTTP header, if supplied). On the first
call you can simplify your client application code by having the application connection ID
determined from the call context, since you have not yet received an application connection
ID.
If you supply an application connection ID, perform an HTTP GET method at the following
URL:
http://domain:port/[public/]odata/applications/{v1|latest}/{appid}/
Connections(‘{appcid}’)
If you do not supply an application connection ID, perform an HTTP GET method at the
following URL:
Connections(‘*current ’)
You can also retrieve a property value by appending the property name in the URL. For
example, to retrieve the ClientLogLevel property value:
Connections(‘{appcid}’)/ClientLogLevel
Getting Changed Settings

You can conditionally retrieve only the changed settings.
http://domain:port/[public/]odata/applications/{v1|latest}/
Connections(‘{appcid}’)?If-None-Match=”${ETag}”
The ${ETag}part of the URL is a version identifier included in the response of the GET
method. If the ETag value of the current application settings is the same as the value included
in the request, a status code 304 without a response body is returned to the client to indicate
there are no application settings changes.
Note: The query function is not supported.
Registering the Client for Native Push Notification

Enable native push notifications and register your application to receive push notifications.
Registering the Android Client

Register and enable your Android device clients to receive push notifications.
1. Obtain a GCM Sender ID. See instructions in Google's documentation for "Registering for
GCM."
2. In SAP Control Center configure push notification:
a. In the Android Push Notifications section of the corresponding Application Template
use the GCM Sender ID value to update the Sender ID, and set Enabled to true.

b. Select Application > Properties > Push Configurations > Add to configure push
settings in the application properties (setting the GCM server URL, and other
parameters).
• Use the API key from GCM to configure the API key.
3. Perform a one-time registration to enable push notifications for the application:
a. Create an application connection. For example, for Android devices:
POST http://{domain-host-port}/odata/applications/v1/{appid}/
Connections
HTTP Header "Content-Type" = "application/atom+xml"
Body:
xmlns:d="http://schemas.microsoft.com/ado/2007/08/
dataservices">
<m:properties>
<d:DeviceModel>Samsung Galaxy S2</d:DeviceModel>
<d:DeviceType>Android</d:DeviceType>
<d:DeviceSubType>Smartphone</d:DeviceSubType>
<d:DevicePhoneNumber>555-555-1212</d:DevicePhoneNumber>
<d:DeviceIMSI>123456</d:DeviceIMSI>
</m:properties>
</content>
</entry>
Note: You can check the "AndroidGcmPushEnabled" value returned from the
registration and only continue with the rest of the GCM/notification registration
processing if it is "true".
b. The application registers with the GCM server, using the value from the
"AndroidGcmSenderId" property, as well as the Android Application ID (which you
build into the application).
A successful GCM registration results in a Registration ID back from Google.
c. Using the ApplicationConnectionId ({appcid}) returned from the SAP Mobile
Platform registration call (in either the "X-SUP-APPCID" HTTP header or the
"ApplicationConnectionId" property), the application should update the
AndroidGcmRegistrationId property for the application connection for your
application by using the GCM Registration ID returned by Google:
PUT http://{domain-host-port}/odata/applications/v1/{appid}/
Connections/('{appcid}')
HTTP Headers "Content-Type" = "application/atom+xml" and "X-
HTTP-METHOD" = "MERGE"
Body:
dataservices">
<m:properties>
<d:AndroidGcmRegistrationId>{GCM registration ID}</
d:AndroidGcmRegistrationId>

</m:properties>
</content>
</entry>
4. Native mobile listener should be implemented by the application to get the notification.
Registering the BlackBerry Client

Register and enable your BlackBerry device clients to receive push notifications.
a. Select Application > Properties > Push Configurations > Add.
b. Select BES as the Type, and enter the Name, BES Server URL and Suffix, Username,
and Password.
2. Enable push notifications in the application itself:
a. Create an application connection, and include the DeviceType properties.
POST http://{domain-host-port}/odata/applications/v1/{appid}/
Connections
HTTP Header "Content-Type" = "application/atom+xml"
Body:
dataservices">
<m:properties>
<d:DeviceModel>Storm</d:DeviceModel>
<d:DeviceType>BlackBerry</d:DeviceType>
<d:DeviceSubType>Smartphone</d:DeviceSubType>
<d:DevicePhoneNumber>555-555-1212</d:DevicePhoneNumber>
<d:DeviceIMSI>123456</d:DeviceIMSI>
</m:properties>
</content>
</entry>
b. Implement the push notification listener interface in your application. For more
information on implementing the push notification listener interface, see Client Object
API Usage > Push Synchronization Applications in Developer Guide: BlackBerry
Object API Applications.
Registering the iOS Client

Register and enable your iOS device clients to receive push notifications.
a. Select Application > Applications > select the application > Properties.
b. In the Properties window, select Push Configuration > Add.
c. In the Push Configurations window, enter the Name, Domain, Type (APNS), Server
(APNS Server), Port, Feedback server, and Feedback port.
d. Browse and upload an Apple Push Notification Service p12 certificate, and enter the
certificate password.

e. Click OK to save.
2. Enable push notifications in the application itself:
a. Call the registerForRemoteNotificationTypes: method.
b. In your delegate, implement the application:(UIApplication *)app
didRegisterForRemoteNotificationsWithDeviceToken: and
application:(UIApplication *)app
didRegisterReceiveRemoteNotification: methods to receive the
device token and notifications.
c. Create an application connection, and include the ApnsDeviceToken, and DeviceType
properties.
PUT http://{domain-host-port}/odata/applications/v1/{appid}/
Connections/('{appcid}')
HTTP Headers "Content-Type" = "application/atom+xml"
Body:
<?xml version='1.0' encoding='utf-8'?>
dataservices" xml:base="http://host:port/odata/applications/
v1/com.example.IOS/">
<id>http://host:port/odata/applications/v1/com.example.IOS/
Connections('32552613-470f-45e0-8acc-b7d73d501682')</id>
<link rel="edit" title="Connection"
href="Connections('32552613-470f-45e0-8acc-b7d73d501682')" />
<category term="applications.Connection" scheme="http://
schemas.microsoft.com/ado/2007/08/dataservices/scheme" />
<m:properties>
<d:ApnsDeviceToken>{APNS device token received by the
application from APNS}</d:ApnsDeviceToken>
<d:DeviceType>iPhone</d:DeviceType>
</m:properties>
</content>
</entry>
3. Native mobile listener should be implemented by the application to get the notification.
Setting or Updating Application Settings

Set or update application settings by issuing a PUT or MERGE request.
Use the PUT method to update the application settings with all the properties in the request.
PUT http://domain:port/[public/]odata/applications/{v1|latest}/
{appid}/Connections(‘{appcid}’)
Use the MERGE method to update specified properties. Those properties that you do not
specify retain their current values.

Note: For a list of application connection properties for the HTTP client, see Reference >
Application Connection Properties in Developer Guide: REST API Applications.
The URL contains these components:
• domain – The SAP Mobile Platform domain where the requested resource is resolved or
the name of the SAP Mobile Server.
• port – The port for listening for OData requests; by default, 8000.
• “public” prefix – If included, an anonymous security configuration is used.
• odata/applications/ – Refers to the OData services associated to the application
resources.
• {V1|latest} – The version of the service document.
• appid – The name of the application.
• Connections – The name of the OData collection.
• appcid – The application connection ID of the application instance interacting with the
service.
Deleting an Application Connection

When you no longer require an application connection (for example, when a user logs out),
you can issue a DELETE method to delete the application connection using the same address
where you retrieve the application connection settings.
Retrieving a Customization Resource Bundle

You can retrieve a customization resource bundle by issuing a GET method.
Issue the GET method to the following URL:
http://domain:port/[public/] bundles/{appid}/[{resourceBundleName}]
For general authentication, and resource naming and resolution, apply the rules described in
Application Requirements > Authentication in Developer Guide: REST API Applications.
If the{resourceBundleName} is specified in the URL, the specified resource bundle is
returned in the response body as a stream, otherwise, the resource bundle bound to its
application connection settings is returned.
If the resource bundle is not found in SAP Mobile Platform, error code 404 is returned. You
cannot issue other HTTP methods (PUT/POST/DELETE) at the above URL.

Uploading Business Transactions for Tracing

Access the Business Transaction XML upload service to upload business transactions for
tracing.
Select one of the two URL modes, anonymous or authenticated upload.
For anonymous upload, perform a POST request at the following URL:
http(s)://domain:port/[public/]btx/{appid}
The {appid} is the application identifier.

Including /public in the URL uploads the BTX anonymously.
Note: The administrator must enable anonymous access for the application.
For authenticated upload, perform a POST request at the following URL:
http(s)://domain:port/btx/{appid}
The client must provide user credentials at the transport level (HTTP authentication).
Note: The above URL applies where the server name and domain name match. If they do not
match, use the X-SUP-DOMAIN header to specify the domain name.
Include two main elements in the request:
• The BTX content, which you send as a multipart form request (the standard encoding used
by browsers for HTTP file upload).
• The application identifier (provided in the URL)
For general authentication, and resource naming and resolution, apply the rules described in
Application Requirements > Authentication in Developer Guide: REST API Applications.
Upon receiving the client request, the SAP Mobile Server parses the multipart form request to
gather the BTX content sent by the client and send this content to the SAP® Solution Manager
in another multipart request.
For more information on supportability and the use of SAP Solution Manager with SAP
Mobile Platform, see System Administration.
Accessing a Service through a Proxy URL

Access your external service through a proxy URL. The URL supports read (HTTP GET),
create (HTTP POST), update (HTTP PUT or HTTP MERGE), and delete (HTTP DELETE)
Perform an HTTP request at the following URL:
http://domain:port/[public/]/{proxyName}


Reference
Reference
Describes REST API resources.
Note: The example in this section use basic authentication, which you can see in the HTTP
header, for example Authorization: Basic Base64-encoded string.
HTTP Headers and Cookies

Use HTTP headers and cookies to communicate application connection information or
override the default security configuration of the domain.
Headers
• X-SUP-DOMAIN – SAP Mobile Platform domain name to override the domain derived
from the URL.
For example, if the “mobile.sap.com” is the domain name requested in URL, but client
wants to use the “mobile.application” domain. In this case, client can send HTTP request
where X-SUP-DOMAIN header value will be “mobile.application”.
• X-SUP-SC – Security configuration to override domain default security configuration.
For example, “mobile.application” domain has two assigned security configurations:
“sc1” and “sc2”, and “sc1” is the default security configuration. By default, the “sc1” will
be used to authenticate user. If client wants to authenticate using “sc2”, it can send HTTP
request with the X-SUP-SC header as “sc2”.
Note: X-SUP-DOMAIN and X-SUP-SC complement each other but do not necessarily
need to be set together. If X-SUP-SC is used, you must associate the security configuration
to the domain in which the request is authenticated to allow a successful connection,
otherwise a 403 error is returned to the device. If a request refers to a non-existent domain
or security configuration, 404 error is returned to the device. If the domain is disabled, a
503 error is returned.
Cookies
Cookies are returned by servers in the HTTP response header (Set-Cookie header) and
included by the HTTP client (for example, a browser) in the subsequent HTTP request header
(cookie header).
• X-SUP-APPCID – Communicates the application connection ID as generated by the
application the request originates from, or as issued by the server during using the X-
SUP-APPCID response header and the permanent X-SUP-APPCID cookie. SAP Mobile
Platform response headers carry the X-SUP-APPCID regardless of whether or not the
incoming request carried a cookie or X-SUP-APPCID header. The X-SUP-APPCID value

Reference
has a maximum length of 128 characters. If the request does not carry an X-SUP-APPCID,
the server generates a value automatically.
X-SUP-APPCID is received as a cookie, but sent back to the server either as a cookie or as
a header.
• X-SUP-SECTOKEN – Cookie generated for anonymous registration.
Security token generated to protect anonymous registered application connection settings
not to be changed by other device users.
X-SUP-SECTOKEN is received as a cookie, but sent back to the server either as a cookie
or as a header.
• X-SUP-SESSID – X-SUP-SESSID is the actual JSESSIONID issued by the web
container. If X-SUP-SESSID is provided in the request header, server bypasses the
security configuration check during the session time.
If the X-SUP-SESSID is not provided, the SAP Mobile Platform performs authentication
through security configuration against backend security server.
The default session timeout is 30 minutes. If the session times out, or if the client does not
send the X-SUP-SESSID cookie in the request, a new session is created on the server.
You can change the default timeout by manually adding the session-timeout configuration
into the SMP_HOME\Servers\UnwiredServer\deploy\webapps
\httpchannel\WEB-INF\web.xml file, and restarting the server. You must
manually modify all the nodes:
<web-app>
...
<session-config>
<session-timeout>30</session-timeout>
</session-config>
...
</web-app>
Application Connection Properties

Describes application connection properties, and indicates whether the properties are read-
only or nullable from the HTTP client.
Note: If you attempt to modify a read-only property, the client application throws the
following exception: HTTP 403 - The property "XXX" cannot be updated
by a client application.
For usage and description of application connection properties, search for Application
Connection Properties in System Administration .

Reference
Table 1. Application Connection Properties: Uncategorized

Property Name Type Read-only? Is nullable?
ETag String Yes No
ApplicationConnectio- String Yes No

nId
Table 2. Application Connection Properties: Android Push

AndroidGcmPushEna- Boolean No No
bled
AndroidGcmRegistra- String No Yes

tionId
AndroidGcmSenderId String Yes Yes
Table 3. Application Connection Properties: Apple Push

ApnsPushEnable Boolean No No
ApnsAlerts Boolean No No
ApnsBadges Boolean No No
ApnsSounds Boolean No No
ApnsAlertMessage String Yes Yes
ApnsDeviceToken String No Yes
Table 4. Application Connection Properties: Application Settings

CustomizationBund- String Yes Yes
leId
ApplicationVersion String No Yes
ClientSdkVersion String No Yes

Reference
Table 5. Application Connection Properties: BlackBerry Push

BlackberryPushEna- Boolean No No
bled
BlackberryDevicePin String No Yes
BlackberryBESListe- Int32 No No
nerPort
Table 6. Application Connection Properties: Capabilities

CapabilitiesPassword- Boolean No No
Policy
Table 7. Application Connection Properties: Custom Settings

CustomCustom1 String No Yes
Table 8. Application Connection Properties: Device Information

DeviceModel String No Yes
DeviceType String No Yes
DeviceSubType String No Yes
DevicePhoneNumber String No Yes
DeviceIMSI String No Yes
Table 9. Application Connection Properties: Password Policy

PasswordPolicyEna- Boolean Yes No
bled

Reference

PasswordPolicyDe- Boolean Yes No
faultPasswordAllowed
PasswordPolicyMin- Int32 Yes No

Length
PasswordPolicyDigi- Boolean Yes No

tRequired
PasswordPolicyUpper- Boolean Yes No

Required
PasswordPolicyLo- Boolean Yes No

werRequired
PasswordPolicySpe- Boolean Yes No

cialRequired
PasswordPolicyExpir- Int32 Yes No

esInNDays
PasswordPolicyMinU- Int32 Yes No

niqueChars
PasswordPolicyLock- Int32 Yes No

Timeout
PasswordPolicyRetry- Int32 Yes No

Limit
Table 10. Application Connection Properties: Proxy

ProxyApplicationEnd- String Yes Yes
point
ProxyPushEndpoint String Yes Yes
Proxy Responses
Proxy responses include all the cookies and headers from the proxied backend. Refer to the
proxy documentation for more details.

Reference
Application Connections
Methods for creating, updating, or reading application connections.
Service Document
Get the service document for the application connection. Retrieving the service document
allows the client to discover the capabilities and locations of the available collections.
Syntax
Perform an HTTP GET request at the following URL:
http://domain:port/[public/]odata/applications/{v1|latest}/{appid}
Parameters
• appid – The application ID that uniquely identifies the application.
Returns
Returns a 200 OK status code if successful, and a service document in the response body.
Examples
• Service document – HTTP request header:
GET /odata/applications/v1/com.sap.myapp HTTP/1.1
Host: supserver:8000
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.3 (java 1.5)
Authorization: Basic REVWMDAwMTppbml0aWFs
HTTP response header:

HTTP/1.1 200 OK
Content-Type: application/xml;charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: X-SUP-SESSID=97ts80gwhxkc;Path=/
Set-Cookie: X-SUP-APPCID=b6d50e93-bcaa-439d-9741-660a3cb56771
DataServiceVersion: 1.0
Date: Tue, 14 Aug 2012 21:28:55 GMT
Transfer-Encoding: chunked
The HTTP response body is a service document that describes a single collection named
"Connections” in SAP Mobile Platform:
<service xmlns="http://www.w3.org/2007/app"
xml:base="http://domain:port/appSettings/odata/v1/appid/"
xmlns:atom="http://www.w3.org/2005/Atom"

Reference
xmlns:app="http://www.w3.org/2007/app">
<workspace>
<atom:title>Default</atom:title>
<collection href="Connections">
<atom:title>Connections</atom:title>
</collection>
</workspace> </service>
Metadata
Get the metadata document that includes the metadata for the application connection settings.
Syntax
$metadata
Parameters
Returns
If successful, returns a 200 OK status code and a metadata document in the response body.
Examples
• Get Metadata – HTTP request header:
GET /odata/applications/v1/com.sap.myapp/$metadata HTTP/1.1

HTTP/1.1 200 OK
Date: Tue, 14 Aug 2012 21:32:34 GMT
HTTP response body (metadata):

<edmx:Edmx Version="1.0" xmlns:edmx="http://
schemas.microsoft.com/ado/2007/06/edmx"
xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices"
xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/
metadata"

Reference
xmlns:sup="http://www.sap.com/sup/odata">
<edmx:DataServices m:DataServiceVersion="1.0">
<Schema Namespace="applications" xmlns="http://
schemas.microsoft.com/ado/2006/04/edm
<EntityType Name="Connection">
<Key>
<PropertyRef Name="ApplicationConnectionId" />
</Key>
<Property Name="ETag" Type="Edm.String" Nullable="false"
sup:ReadOnly="true"/>
<Property Name="ApplicationConnectionId" Type="Edm.String"
Nullable="false" sup:ReadOnly="true"/>
<Property Name="AndroidGcmPushEnabled" Type="Edm.Boolean"
Nullable="false" sup:ReadOnly="false" />
<Property Name="AndroidGcmRegistrationId"
Type="Edm.String" Nullable="true" sup:ReadOnly="false" />
<Property Name="AndroidGcmSenderId" Type="Edm.String"
Nullable="true" sup:ReadOnly="true" />
<Property Name="ApnsPushEnable" Type="Edm.Boolean"
<Property Name="ApnsAlerts" Type="Edm.Boolean"
<Property Name="ApnsBadges" Type="Edm.Boolean"
<Property Name="ApnsSounds" Type="Edm.Boolean"
<Property Name="ApnsAlertMessage" Type="Edm.String"
<Property Name="ApnsDeviceToken" Type="Edm.String"
Nullable="true" sup:ReadOnly="false" />
<Property Name="CustomizationBundleId" Type="Edm.String"
<Property Name="ApplicationVersion" Type="Edm.String"
<Property Name="ClientSdkVersion" Type="Edm.String"
<Property Name="BlackberryPushEnabled" Type="Edm.Boolean"
<Property Name="BlackberryDevicePin" Type="Edm.String"
<Property Name="BlackberryBESListenerPort"
Type="Edm.Int32" Nullable="false" sup:ReadOnly="false" />
<Property Name="CapabilitiesPasswordPolicy"
Type="Edm.Boolean" Nullable="false" sup:ReadOnly="false" />
<Property Name="CustomCustom1" Type="Edm.String"
<Property Name="DeviceModel" Type="Edm.String"
<Property Name="DeviceType" Type="Edm.String"

Reference
<Property Name="DeviceSubType" Type="Edm.String"

<Property Name="DevicePhoneNumber" Type="Edm.String"
<Property Name="DeviceIMSI" Type="Edm.String"
<Property Name="PasswordPolicyEnabled" Type="Edm.Boolean"
Nullable="false" sup:ReadOnly="true" />
<Property Name="PasswordPolicyDefaultPasswordAllowed"
Type="Edm.Boolean" Nullable="false" sup:ReadOnly="true" />
<Property Name="PasswordPolicyMinLength" Type="Edm.Int32"
<Property Name="PasswordPolicyDigitRequired"
<Property Name="PasswordPolicyUpperRequired"
<Property Name="PasswordPolicyLowerRequired"
<Property Name="PasswordPolicySpecialRequired"
<Property Name="PasswordPolicyExpiresInNDays"
Type="Edm.Int32" Nullable="false" sup:ReadOnly="true" />
<Property Name="PasswordPolicyMinUniqueChars"
<Property Name="PasswordPolicyLockTimeout"
<Property Name="PasswordPolicyRetryLimit" Type="Edm.Int32"
<Property Name="ProxyApplicationEndpoint"
Type="Edm.String" Nullable="true" sup:ReadOnly="true" />
<Property Name="ProxyPushEndpoint" Type="Edm.String"
</EntityType>
<EntityContainer Name="Container"
m:IsDefaultEntityContainer="true">
<EntitySet Name="Connections"
EntityType="applications.Connection" />
</EntityContainer>
</Schema>
</edmx:DataServices>
</edmx:Edmx>
Create Application Connection

Create an application connection and initially set the application connection settings. Because
all application connection settings are optional, the minimal body contains no properties at all.
SAP Mobile Platform populates default values as needed.
Syntax
Perform an HTTP POST request at the following URL:
http://domain:port/[public/]/odata/applications/{v1|latest}/
{appid}/Connections

Reference
Parameters
Returns
If successful, a 201 Created status code is returned, and the new application connection
settings are included in the response body.
Examples
• Create application connection – Example HTTP request header:
POST /odata/applications/v1/com.sap.myapp/Connections HTTP/1.1
Content-Length: 4704
Content-Type: application/atom+xml; charset=UTF-8
Example HTTP response header:

HTTP/1.1 201 Created
Content-Type: application/atom+xml;charset=utf-8
Location: http:/supserver:8000/applications/
Connections('b6d50e93-bcaa-439d-9741-660a3cb56771')
Date: Mon, 13 Aug 2012 22:40:50 GMT
Minimal body:
<?xml version="1.0" encoding="UTF-8"?>
<entry xml:base="http://localhost:8000/public/odata/applications/
v1/com.sap.myapp/"
xmlns="http://www.w3.org/2005/Atom" xmlns:m="http://
xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices">
<m:properties>
</m:properties>
</content>
</entry>
Get Application Settings

Get the application settings.
Syntax

Reference
Parameters
service.
Returns
If successful, returns a 200 OK status code and an HTTP response body with the application
settings.
Examples
• Get application settings – HTTP request header:
GET /odata/applications/v1/com.sap.myapp/Connections('b6d50e93-
bcaa-439d-9741-660a3cb56771') HTTP/1.1
Cookie: X-SUP-APPCID=b6d50e93-bcaa-439d-9741-660a3cb56771; X-SUP-
SESSID=97ts80gwhxkc

HTTP/1.1 200 OK
Date: Mon, 13 Aug 2012 22:56:50 GMT
HTTP response body:

<entry xmlns="http://www.w3.org/2005/Atom"
xmlns:m="http://schemas.microsoft.com/ado/2007/08/
dataservices/metadata"
dataservices"
xml:base="http://localhost:8000/odata/applications/v1/
e2eTest/">
<id>http://localhost:8000/odata/applications/v1/e2eTest/
Connections('c9d8a9da-9f36-4ae5-9da5-37d6d90483b5')</id>
<title type="text" />
<updated>2012-06-28T09:55:48Z</updated>
<author><name /></author>
<link rel="edit" title="Connections"
href="Connections('c9d8a9da-9f36-4ae5-9da5-37d6d90483b5')" />

Reference
schemas.microsoft.com/ado/2007/08/dataservices/scheme" />
<m:properties>
<d:ETag>2012-06-28 17:55:47.685</d:ETag>
<d:ApplicationConnectionId>c9d8a9da-9f36-4ae5-9da5-37d6d90483b5</
d:ApplicationConnectionId>
<d:AndroidGcmPushEnabled m:type="Edm.Boolean">false</
d:AndroidGcmPushEnabled>
<d:AndroidGcmRegistrationId m:null="true" />
<d:AndroidGcmSenderId m:null="true" />
<d:ApnsPushEnable m:type="Edm.Boolean">true</
d:ApnsPushEnable>
<d:ApnsAlerts m:type="Edm.Boolean">true</d:ApnsAlerts>
<d:ApnsBadgesm:type="Edm.Boolean">true</d:ApnsBadges>
<d:ApnsSounds m:type="Edm.Boolean">true</d:ApnsSounds>
<d:ApnsAlertMessage>New Items Available</d:ApnsAlertMessage>
<d:ApnsDeviceToken m:null="true" />
<d:CustomizationBundleId>TestMDC:1.0</d:
CustomizationBundleId>
<d:ApplicationVersion m:null="true" />
<d:ClientSdkVersion m:null="true" />
<d:BlackberryPushEnabled m:type="Edm.Boolean">true</
d:BlackberryPushEnabled>
<d:BlackberryDevicePin>00000000</d:BlackberryDevicePin>
<d:BlackberryBESListenerPort m:type="Edm.Int32">5011</
d:BlackberryBESListenerPort>
<d:CapabilitiesPasswordPolicy m:type="Edm.Boolean">false</
d:CapabilitiesPasswordPolicy>
<d:CustomCustom1>custom1</d:CustomCustom1>
<d:CustomCustom2 m:null="true" />
<d:DeviceModel m:null="true" />
<d:DeviceType>Unknown</d:DeviceType>
<d:DeviceSubType m:null="true" />
<d:DevicePhoneNumber>12345678901</d:DevicePhoneNumber>
<d:DeviceIMSI m:null="true" />
<d:PasswordPolicyEnabled m:type="Edm.Boolean">true</
d:PasswordPolicyEnabled>
<d:PasswordPolicyDefaultPasswordAllowed
m:type="Edm.Boolean">false</
d:PasswordPolicyDefaultPasswordAllowed>
<d:PasswordPolicyMinLength m:type="Edm.Int32">8</
d:PasswordPolicyMinLength>
<d:PasswordPolicyDigitRequired m:type="Edm.Boolean">false</
d:PasswordPolicyDigitRequired>
<d:PasswordPolicyUpperRequired m:type="Edm.Boolean">false</
d:PasswordPolicyUpperRequired>
<d:PasswordPolicyLowerRequired m:type="Edm.Boolean">false</
d:PasswordPolicyLowerRequired>
<d:PasswordPolicySpecialRequired
m:type="Edm.Boolean">false</d:PasswordPolicySpecialRequired>
<d:PasswordPolicyExpiresInNDays m:type="Edm.Int32">0</
d:PasswordPolicyExpiresInNDays>
<d:PasswordPolicyMinUniqueChars m:type="Edm.Int32">0</

Reference
d:PasswordPolicyMinUniqueChars>
<d:PasswordPolicyLockTimeout m:type="Edm.Int32">0</
d:PasswordPolicyLockTimeout>
<d:PasswordPolicyRetryLimit m:type="Edm.Int32">20</
d:PasswordPolicyRetryLimit>
<d:ProxyApplicationEndpointm:null="true" />
<d:ProxyPushEndpoint>http://domain:8000/GWC/
SUPNotification</d:ProxyPushEndpoint>
</content>
</entry>
Get Application Settings (Property)

Get the specific property value for a property from the application settings.
Syntax
Connections(‘{appcid}’)/<property-name>
Parameters
service.
• property-name – The property-name can be appended to the URL to retrieve the value of
a specific property.
Returns
If successful, returns a 200 OK status code and an HTTP response body with the application
settings.
Examples
• Get the DeviceType property – HTTP request:
GET /odata/applications/v1/com.sap.myapp/Connections('b6d50e93-
bcaa-439d-9741-660a3cb56771')/DeviceType HTTP/1.1
SESSID=97ts80gwhxkc

HTTP/1.1 200 OK

Reference
Date: Mon, 13 Aug 2012 23:00:27 GMT
HTTP response body:

<DeviceType xmlns="http://schemas.microsoft.com/ado/2007/08/
dataservices">
Windows
</DeviceType>
Update Application Settings (PUT)

Update the application settings with all the properties in the request.
Any properties that you do not specify (and which can be changed) are set to the default value.
Syntax
PUT http://domain:port/[public/]odata/applications/{v1|latest}/
{appid}/Connections(‘{appcid}’)
Parameters
service.
Returns
When processing a PUT request, SAP Mobile Platform returns a 200 status code to indicate
success, and there is no response body.
If you never explicitly registered the client, returns a 404 status code.
Examples
• Update application settings (PUT) – HTTP request header:
PUT /odata/applications/v1/com.sap.myapp/Connections('b6d50e93-
bcaa-439d-9741-660a3cb56771') HTTP/1.1
SESSID=97ts80gwhxkc
[PUT HTTP request message body]


Reference
HTTP/1.1 200 OK
Date: Mon, 13 Aug 2012 23:07:51 GMT
Content-Length: 0
Update Application Settings (MERGE)

Update the specified application settings.
Use the MERGE method to update the specified properties. Those properties that you do not
specify retain their current values.
Syntax
Perform a MERGE request at the following URL:
Parameters
service.
Returns
If successful, returns a 200 OK status code.
If you never explicitly registered the client, returns a 404 status code.
Examples
• Update application settings (MERGE) – HTTP request header:
POST /odata/applications/v1/com.sap.myapp/Connections('b6d50e93-
bcaa-439d-9741-660a3cb56771') HTTP/1.1
X-HTTP-METHOD:MERGE
SESSID=97ts80gwhxkc
[MERGE HTTP request message body]

HTTP request body:
<entry xmlns="http://www.w3.org/2005/Atom"

Reference
dataservices"
xmlns:m="http://schemas.microsoft.com/ado/2007/08/
dataservices/metadata">
<title type="text"/>
<updated>2012-06-15T02:23:29Z</updated>
<author>
<name/>
</author>
schemas.microsoft.com/ado/2007/08/dataservices/scheme"/>
<m:properties>
<d:DeviceType>Unknown</d:DeviceType>
…
</m:properties>
</content>
</entry>

HTTP/1.1 200 OK
Content-Length: 0
Date: Mon, 13 Aug 2012 23:13:04 GMT
Delete Application Connection

Delete an application connection.
Syntax
Perform an HTTP DELETE request at the following URL:
Parameters
service.
Returns
If successful, returns a 200 OK status code.
If you never explicity registered the client, returns a 404 status code.

Reference
Examples
• Delete application connection – HTTP request:
DELETE /odata/applications/v1/com.sap.myapp/
Connections('b6d50e93-bcaa-439d-9741-660a3cb56771') HTTP/1.1
SESSID=97ts80gwhxkc
HTTP response:
HTTP/1.1 200 OK
Date: Mon, 13 Aug 2012 23:19:42 GMT
Content-Length: 0
Application Customization Resource Bundles

Methods for customizing applications.
Download Customization Resource Bundle

Download the customization resource bundle.
Note: Downloading customization resource bundle using REST API is supported only in
Object API SDK or OData SDK applications.
Syntax
http://domain:port/[public/] bundles/{appid}/[{resourceBundleName}]
Parameters
• resourceBundleName – Optionally specifies a resource bundle to be returned.
Returns
If you specify the {resourceBundleName} in the URL, the specified resource bundle is
returned in the response body as a stream. Otherwise, the resource bundle bound to its
application connection settings is returned.

Reference
Examples
• Download – HTTP request:
GET /bundles/com.sap.myapp/MyApp:1.0 HTTP/1.1
SESSID=97ts80gwhxkc
HTTP response:
HTTP/1.1 200 OK
[resource bundle content]
Usage
For information on the format of customization resource bundles, see Administer >
Applications > Maintaining Activated Applications > Modifying Application Properties >
Application Customization Resource Bundles in SAP Control Center for SAP Mobile
Platform.
Business Transactions
Methods for uploading business transactions.
Upload BTX
Access the Business Transaction XML upload service to upload business transactions for
tracing.
Upon receiving the client request, the SAP Mobile Server parses the multipart form request to
gather the Business Transaction content sent by the client and sends this content to the SAP
Solution Manager in another multipart request.
Syntax
Perform a POST request to the following URL:
http://domain:port/[public/]btx/{appid}
Parameters
None.

Reference
Returns
On successful upload, the client receives a 201 Created status code. Otherwise, an HTTP
failure code and failure message are returned.
Examples
• Upload Business Transaction – HTTP request header:
POST /btx/com.sap.myapp/ HTTP/1.1
SESSID=97ts80gwhxkc
Content-Length: 40
[POST HTTP request message body]

HTTP/1.1 201 Created
Date: Mon, 13 Aug 2012 22:40:50 GMT
Usage
Use this method to support your application using SAP Solution Manager. See SAP Solution
Manager documentation for more information.
Proxy Connections
Methods for accessing proxy connections.
Access External Service

SAP Mobile Server can also be used for accessing odata services provided by any external
OData provider. The proxy URL supports read (HTTP GET), create (HTTP POST), update
(HTTP PUT or HTTP MERGE), and delete (HTTP DELETE).
Syntax
Perform an HTTP request at the following URL:
http://domain:port/[public/]/{proxyName}

Reference
Parameters
• proxyName – URL represents one of the configured proxy connection endpoints (data
services exposed through SAP Mobile Platform) whitelisted.
Returns
If successful, returns a 200 OK status code and a response body.
Examples
• Access external service – HTTP request header:
GET /com.sap.myapp HTTP/1.1
SESSID=97ts80gwhxkc

HTTP/1.1 200 OK
Content-Type: application/atomsvc+xml
server: SAP NetWeaver Application Server / ABAP 731
dataserviceversion: 2.0
set-cookie: SAP_SESSIONID_DG1_001=<Some-Token>; path=/
set-cookie: MYSAPSSO2=<SSO-Token>; path=/; domain=.sap.com

Index
Index
A
application connection template 10 R
D Relay Server installation
documentation roadmap 3 pass-through mode for HTTP clients 6
domain security configuration
creating 8

Index

SAP Mobile Platform 2.3: Developer Guide: REST API Applications

Uploaded by

Copyright:

Available Formats

SAP Mobile Platform 2.3: Developer Guide: REST API Applications

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

SAP Mobile Platform 2.3: Developer Guide: REST API Applications

Uploaded by

Copyright:

Available Formats

Developer Guide: REST API Applications

SAP Mobile Platform 2.3

Developer Guide: REST API Applications iii

Uploading Business Transactions for Tracing ..............21

iv SAP Mobile Platform

REST Services Applications

Developer Guide: REST API Applications 1

2 SAP Mobile Platform

Documentation Roadmap for SAP Mobile

Developer Guide: REST API Applications 3

4 SAP Mobile Platform

Developer Guide: REST API Applications 5

Supported Username Variations

Relay Server Pass-Through Mode for HTTP Clients

6 SAP Mobile Platform

Configuring SAP Mobile Server

Developer Guide: REST API Applications 7

Creating a Security Configuration for a Domain

8 SAP Mobile Platform

Creating a Proxy Connection (Whitelisting)

Developer Guide: REST API Applications 9

Managing Applications Connections

Creating Application Connection Templates

1. In the left navigation pane, click the Applications node.

10 SAP Mobile Platform

Assigning the Security Configurations

Developer Guide: REST API Applications 11

12 SAP Mobile Platform

Developing the Application

Request URL Format

For an Apache host:

Developer Guide: REST API Applications 13

Creating an Application Connection

The URL contains these components:

14 SAP Mobile Platform

connection properties, search for Application Connection Properties in System

Anonymous Application Connections

Getting Application Settings

Developer Guide: REST API Applications 15

Getting Changed Settings

Registering the Client for Native Push Notification

Registering the Android Client

16 SAP Mobile Platform

Developer Guide: REST API Applications 17

Registering the BlackBerry Client

Registering the iOS Client

18 SAP Mobile Platform

Setting or Updating Application Settings

Developer Guide: REST API Applications 19

Deleting an Application Connection

Retrieving a Customization Resource Bundle

20 SAP Mobile Platform

Uploading Business Transactions for Tracing

The {appid} is the application identifier.

Accessing a Service through a Proxy URL

Developer Guide: REST API Applications 21

22 SAP Mobile Platform

HTTP Headers and Cookies

Developer Guide: REST API Applications 23