Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Check out the New Agent Creator Community
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Automate - Using Connectors / SAP connector using SS...
Power Automate - Using Connectors
Unanswered

SAP connector using SSO : Error from token exchange

(0) ShareShare
ReportReport
Posted on by jpreston4 167

We want to connect Power Platform to SAP using SSO. We have setup the onprem gateway. and environment. We can create a Flow to SAP using SAP hardcoded authentication. To setup SSO, we have followed this article , https://blogs.sap.com/2023/06/19/principal-propagation-in-a-multi-cloud-solution-between-microsoft-azure-and-sap-part-vii-invoke-rfcs-and-bapis-with-kerberos-delegation-from-microsoft-power-platform/

 

In the 'Call SAP function (v2)' step, we have used this configuration

{ "MessageServerHost": "",

"Client": "xxx",

"LogonType": "Group",

"MessageServerService": "xxxx",

"SncLibraryPath": "",

"SncPartnerName": "",

"SncQOP": "Default",

"SncSso": "On",

"SystemID": "",

"UseSnc": "true" }

 

When we run the flow, we get error " Error from token exchange : Permission denied due to missing Connection ACL" Please advise

  • scottwoodall Profile Picture
    scottwoodall Microsoft Employee on at
    Re: SAP connector using SSO : Error from token exchange

    @jjpreston291 thank you for sharing.

     

    For this particular error, the most helpful logs will be on the on-premises data gateway server. We can increase the verbosity of our SAP Common Crypto Lib logs by editing the sapcrypto.ini file on the gateway machine. Add the following and then restart the on-premises data gateway service.

     

    ccl/trace/level=4
    ccl/trace/directory=C:\somedirectory\logs

     

    After these changes have been made and the service restarted; go back to Power Automate and reproduce the error. There should be additional log files in the directory that you specified to help understand the root cause.

  • jpreston4 Profile Picture
    jpreston4 167 on at
    Re: SAP connector using SSO : Error from token exchange

    @Scott 

    Thanks for the response. 

    ID is "65524db4-20b8-4d54-ab94-555368d9949c"

     

    jjpreston291_0-1695138353671.png

     

  • scottwoodall Profile Picture
    scottwoodall Microsoft Employee on at
    Re: SAP connector using SSO : Error from token exchange

    Hello @jjpreston291 -

     

    Can you share a client request ID so I can check our logs to investigate further? If there isn't a client request ID that is presented in the user interface; you can check the browsers developer tools for this information.

     

    Cheers,

    Scott

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Check out the New Agent Creator Community

Quick Links

Michael Gernaey – Community Spotlight

We are honored to recognize Michael Gernaey as our June 2025 Community…

Congratulations to the May Top 10 Community Leaders!

These are the community rock stars!

Announcing the Engage with the Community forum!

This forum is your space to connect, share, and grow!

Leaderboard >

Last month Overall leaderboard

Featured topics

Product updates

Microsoft Power Platform Community release plans