CSRF Token Validation Failed Error while triggering a PATCH request from Microsoft Power Virtual Agent BOT to S/4 HANA through OData service

Question

We are getting an error while trying to trigger a PATCH request via HTTP AZURE Gateway from Power Virtual Agent BOT to S/4 HANA through OData v2 service. The same service works fine when we test it from POSTMAN and through SAP Gateway Client.

The BOT is deployed on MS Teams.

Below are the steps which are configured from BOT perspective:

1. Trigger a GET request to fetch the CSRF token using below HTTP headers

   Authorization: Bearer(tokenvalue) X-CSRF-Token: Fetch Set-Cookie: Fetch

   The above cookie value is being converted to eliminate '/', spaces and commas. The same has been replaced with %2F, %2b and; respectively in the encoded format.

2. Once the CSRF token is fetched, it is stored in a local variable and passed to PATCH request

   Authorization: Bearer(tokenvalue) X-CSRF-Token: Cookie:

Below is the error we are able to see in Power Automate Flow.
**
 "error": {

    "code": 403,   

      "message": "The response is not in a JSON format.",

       "innerError": "CSRF token validation failed"

  }

}
```**

We are expecting success call for this PATCH request. This is working fine with same user when tested in POSTMAN and native SAP gateway client.

Answer 1

you are using the microsoft on-premise-gateway to connect your odata service. the on-premise-gateway establishes always a new http connection that expires the X-CSRF-TOKEN maybe this will be supported in a later version