Import SAP OData metadata as an API

APPLIES TO: All API Management tiers

This article describes how to import an OData (Open Data Protocol) service into Azure API Management by using OData metadata. The following example uses SAP Gateway Foundation.

In this article, you learn how to:

Retrieve OData metadata from your SAP service
Import OData metadata to Azure API Management, either directly or after converting it to an OpenAPI specification
Complete API configuration
Test the API in the Azure portal

Prerequisites

Create an API Management instance.
An SAP system and service that's exposed as OData v2 or v4.
If your SAP backend uses a self-signed certificate (for testing), you might need to disable the verification of the trust chain for SSL. To do so, configure a backend in your API Management instance:
1. In the Azure portal, under APIs, select Backends > + Create new backend.
2. Add a Custom URL that points to the SAP backend service.
3. Expand the Advanced section, then clear the Validate certificate chain and Validate certificate name checkboxes.
Note

In production scenarios, use proper certificates for end-to-end SSL verification.

Retrieve OData metadata from your SAP service

Use one of the following methods to retrieve metadata XML from your SAP service. If you plan to convert the metadata XML to an OpenAPI specification, save the file locally.

Use the SAP Gateway Client (transaction /IWFND/GW_CLIENT).
Make a direct HTTP call to retrieve the XML: http://<OData server URL>:<port>/<path>/$metadata.

Go to your API Management instance

In the Azure portal, search for and select API Management services:
On the API Management services page, select your API Management instance:

Import an API to API Management

Choose one of the following methods to import your API to API Management:

Import the metadata XML as an OData API directly.
Convert the metadata XML to an OpenAPI specification.

OData metadata
OpenAPI specification

Import OData metadata

In the sidebar menu, select APIs > APIs, and then select + Add API.
Under Create from definition, select the OData tile:
Enter API settings. You can update your settings later by going to the Settings tab of the API.
1. In OData specification, enter a URL for an OData metadata endpoint. This value is typically the URL to the service root, appended with /$metadata. Alternatively, select a local OData XML file to import.
2. Enter additional settings to configure your API. These settings are explained in the Import and publish your first API tutorial.
Select Create.

The API is added to the list of APIs. The entity sets and functions that are exposed in the OData metadata description appear on the API's Entity sets and functions tab.

Update the OData schema

You can access an editor in the portal to view your API's OData schema. If the API changes, you can also update the schema in API Management from a file or an OData service endpoint.

In the sidebar menu, APIs > APIs, and then select your OData API.
On the Entity sets and functions tab, select the ellipsis (...) next to an entity set or function, and then select Edit.
Review the schema. If you want to update it, select Update from file or Update schema from endpoint.

Test your OData API

In the sidebar menu, APIs > APIs, and then select your OData API.
On the Entity sets and functions tab, select the ellipsis (...) next to an entity set or function, and then select Test.
In the test console, enter template parameters, query parameters, and headers for your test, and then select Test. For more information about testing APIs in the portal, see Test the new API in the portal.

Secure your OData API

Secure your OData API by applying existing authentication and authorization policies and an OData validation policy to protect against attacks through OData API requests.

Tip

In the portal, configure policies for your OData API on the API policies tab.

Convert OData metadata to OpenAPI JSON

Use an OASIS open-source tool for OData v2 or OData v4, depending on your metadata XML.

The following example converts OData v2 XML for the test service epm_ref_apps_prod_man_srv:
```
odata-openapi -p --basePath '/sap/opu/odata/sap/epm_ref_apps_prod_man_srv' \
 --scheme https --host <your IP address>:<your SSL port> \
 ./epm_ref_apps_prod_man_srv.xml
```
Note
- For testing with a single XML file, you can use a web-based converter that's based on an open-source tool.
- With the tool or the web-based converter, specifying the <IP address>:<port> of your SAP OData server is optional. Alternatively, add this information later in your generated OpenAPI specification or after you import the file to API Management.
Save the openapi-spec.json file locally for import to API Management.

Import OpenAPI specification

In the sidebar menu, in the APIs section, select APIs.
Under Create from definition, select the OpenAPI tile:
Choose Select a file, and then select the openapi-spec.json file that you saved locally in a previous step.
Enter API settings. You can set these values when you import the API or configure them later by going to the Settings tab.
- For the API URL suffix, we recommend using the same URL path as that of the original SAP service.
- For more information about API settings, see Import and publish your first API tutorial.
Select Create.

Note

For information about API import limitations, see API import restrictions and known issues.

Complete the API configuration

Add the following three operations to the API that you imported. To learn how, see Add and test an operation.

GET /$metadata

Operation	Description	Additional configuration for the operation
`GET /$metadata`	Enables API Management to reach the `$metadata` endpoint, which is required for client integration with the OData server. This required operation isn't included in the OpenAPI specification that you generated and imported.	Add a `200 OK` response.

Screenshot that shows the GET metadata operation.

HEAD /

Operation	Description
`HEAD /`	Enables the client to exchange cross-site request forgery (CSRF) tokens with the SAP server when required. SAP also allows CSRF token exchange via the GET verb. CSRF token exchange isn’t covered in this article. See an example API Management policy snippet to broker token exchange.

Screenshot that shows the operation for fetching tokens.

GET /

Operation	Description	Additional configuration for the operation
`GET /`	Enables policy configuration at the service root.	Configure the following inbound rewrite-uri policy to append a trailing slash to requests that are forwarded to the service root: `<rewrite-uri template="/" copy-unmatched-params="true" />` This policy removes potential ambiguity among requests with and without trailing slashes. These two types of requests are treated differently by some backends.

Screenshot that shows the GET operation for the service root.

You also need to configure authentication to your backend by using an appropriate method for your environment. For examples, see Authentication and authorization.

Test your API

Navigate to your API Management instance.
In the sidebar menu, select APIs > APIs.
Under All APIs, select your imported API.
Select the Test tab to access the test console.
Select an operation, enter any required values, and then select Send.

For example, test the GET /$metadata call to verify connectivity to the SAP backend.
View the response. To troubleshoot, trace the call.
When you're done testing, exit the test console.

Production considerations

See an example end-to-end scenario for integrating API Management with an SAP gateway.
Control access to an SAP backend by using API Management policies. For example, if the API is imported as an OData API, use the validate OData request policy. There are also policy snippets for SAP principal propagation for SAP ECC or S/4HANA or SAP SuccessFactors and fetching an X-CSRF token.
For guidance on deploying, managing, and migrating APIs at scale, see:
- Automated API deployments with APIOps
- Use DevOps and CI/CD to publish APIs

คำติชม

หน้านี้มีประโยชน์หรือไม่

Last updated on 2026-03-27