FYI - you should remove or redact the Authorization details from your log file. I put the URL into an HTTPCaller, and the IP it tried was different to your log file, 110.76.177.. instead of 10.78.75.. Don't know if that's relevant. Else, try without a web connection, I see in your log it references a different user 'HIPPELO'

The IP will be different as it is an on premise SAP instance, and only the user name is exposed (but will remove it)

@jackyd​ In the link you shared the authorization method shows only 'basic'.

In the HTTPCaller could you try the basic authentication type as a quick test to see if the web connection is causing an issue? ( Use Authentication > Authentication Method).

It wasn't clear you have tried this.

And as ctredinnick has shared... are you using the same user in Postman as HTTPCaller?

I have seen some applications that can restrict 'Applications' from accessing an endpoint or service... could it be that FME is not seen as an authorized application where Postman is? (low chance this is the issue).

The error may not be a simple as 401.

Could you try turning on Log Debug in FME Options to see if that shares any more helpful information.

Don't use a web connection, just do basic authentication. If you add a List Attribute for response headers, and set it to not follow redirects, then you will be able to capture the returned x_csrf_token and cookie to use in subsequent requests. You'll see in your log it was set to follow redirects, the HTTPCaller has made two requests. You need to capture what was returned after the first call, and add it as special headers to your second request back to the API.

Thanks @ctredinnick​, The web connection was a basic connection and i had tried both with no luck.

It appears the redicrect is just load balancing but at least i know that now :)

Thank you both, we did some troubleshooting on Friday and i now have the log from the SAP and it appears the via FME it is trying to do SSO, despite selecting Basic auth.

Any thoughts?

I have attached a copy of the calls from the SAP log

We are going to investigate the SSO option as well, we have ben using basic as it is how our SAP vendor set us up for this test

@jackyd​ Consider opening a case with us at www.safe.com/support and cite this question. It's not clear what is happening. I am not certain the HTTPCaller is trying SSO - but it looks suspicious, indeed.

Furthermore, you mention a load balancer. Are you in a position to point to one of the database nodes directly (if the LB is in front of more than 1 node)?

Could that be confusing FME?