label | synopsis | status |
---|---|---|
Remote Services |
Class `cds.RemoteService` is a service proxy class to consume remote services via different [protocols](/node.js/cds-serve#cds-protocols), like OData or plain REST.
|
released |
Class cds.RemoteService
is a service proxy class to consume remote services via different protocols, like OData or plain REST.
[[toc]]
If the remote system you want to consume requires it, you can enable the new CSRF-token handling of @sap-cloud-sdk/core
via configuration options csrf
and csrfInBatch
. These options allow to configure CSRF-token handling for each remote service separately.
"cds": {
"requires": {
"API_BUSINESS_PARTNER": {
"kind": "odata",
"model": "srv/external/API_BUSINESS_PARTNER",
"csrf": true,
"csrfInBatch": true
}
}
}
In this example, CSRF handling is enabled for the API_BUSINESS_PARTNER
service, for regular requests (csrf: true
) and requests made within batch operations (csrfInBatch: true
).
Actually csrf: true
is a convenient preset. If needed, you can further customize the CSRF-token handling with additional parameters:
"cds": {
"requires": {
"API_BUSINESS_PARTNER": {
...
"csrf": { // [!code focus]
"method": "get", // [!code focus]
"url": "..." // [!code focus]
}
}
}
}
Here, the CSRF-token handling is customized at a more granular level:
method
: The HTTP method for fetching the CSRF token. The default ishead
.url
: The URL for fetching the CSRF token. The default is the resource path without parameters.
::: tip See Using Destinations for more details on destination configuration. :::
This documentation is not complete yet, or the APIs are not released for general availability. There's more to come in this place in upcoming releases.