SAP ABAP Cloud Developer Trial Setup with Podman
Article ID: 437991
Updated On:
Products
Issue/Introduction
This guide provides step-by-step instructions for setting up the SAP ABAP Cloud Developer Trial using Podman as the container runtime.
Environment
Important: Environment Information
This guide is for the ABAP Cloud Developer Trial containerized environment, which is designed for local development and testing purposes. The configuration steps documented here (particularly the BC_EXT_APPJOB_MANAGEMENT OData API setup) are applicable to:
SAP S/4HANA Public Cloud SAP S/4HANA Cloud Private Edition ABAP Platform Trial (this container) - Local development environment mimicking cloud behavior
NOT applicable to:
· SAP S/4HANA On-Premise (traditional ABAP stack) - Different API and configuration approach
· SAP NetWeaver ABAP - Legacy systems with different architecture
Key Characteristics of ABAP Cloud Environments:
· Uses Communication Management (Communication Users, Systems, Arrangements) instead of RFC destinations
· OData APIs follow SAP_COM_XXXX communication scenarios
· RESTful ABAP Programming (RAP) is the primary development model
· Follows ABAP Cloud development restrictions (clean core principles)
· Fiori Launchpad-based administration apps
Resolution
Where Can You Use This Documentation?
This guide covers both local container setup (Podman) and API configuration that applies across multiple SAP cloud environments:
Fully Applicable To:
Environment Description Use Case
SAP S/4HANA Public Cloud Public Cloud Production cloud applications, multi-tenant SaaS
SAP S/4HANA Cloud Private
Edition Private Cloud Single-tenant cloud with SAP-managed infrastructure
ABAP Platform Trial
(Container) Local Development Development, learning, proof-of-concept, testing
API Configuration Steps (Section 5) are identical across all three environments:
· Communication Users, Systems, and Arrangements
· BC_EXT_APPJOB_MANAGEMENT OData API setup
· SAP_COM_0064 communication scenario
· Authentication and security model
NOT Applicable To:
Environment Why Not? Alternative Approach
SAP S/4HANA On-
Premise Traditional ABAP stack without Communication Management See On-Premise Configuration per SAP Note 3527503
SAP NetWeaver
AS ABAP Legacy architecture Different API exposure methods (ICF, Gateway, RFC)
Older SAP ECC
Systems No ABAP Cloud support Traditional development and integration patterns
Key Differences: ABAP Cloud vs. Traditional ABAP
Feature ABAP Cloud (This Guide) Traditional On-Premise
Authentication Communication Users (technical) Business/Service Users (SU01)
API Exposure Communication Arrangements with Scenarios /IWFND/MAINT_SERVICE + PFCG roles
Administration Fiori Launchpad apps Transaction codes (SM59, SICF, PFCG, etc.)
Development
Model RAP (RESTful ABAP Programming) Classical ABAP with full language access
OData
Services Managed via Communication Management Managed via transaction /IWFND/MAINT_SERVICE
Job Scheduling
API BC_EXT_APPJOB_MANAGEMENT (auto-configured) BC_EXT_APPJOB_MANAGEMENT (manual - SAP Note 3527503)
Authorization
Model Business Catalogs PFCG Roles with S_BTCH_JOB, S_PROGRAM, etc.
Configuration
Section Cloud Configuration On-Premise Configuration
Using This Guide
· Sections 1-4 (Prerequisites through Accessing): Specific to running the local ABAP Platform Trial container with Podman
· Section 5 - Cloud Configuration: For Public Cloud, Private Cloud, and Trial environments (ABAP Cloud)
· Section 5 - On-Premise Configuration: Complete guide for SAP S/4HANA On-Premise systems based on SAP Note 3527503
· Container Management & Troubleshooting: Universal across all environments with specific notes where applicable
Migration Note
If you're working with SAP S/4HANA On-Premise and planning to migrate to cloud:
1. This trial environment is an excellent sandbox to learn ABAP Cloud development patterns
2. Test your integrations using the Communication Management approach
3. Understand restrictions and approved APIs before starting cloud development
4. Use this to validate cloud-compatible code before deploying to SAP S/4HANA Public Cloud
Prerequisites
Software Requirements
· Podman installed on your system o Windows: Download from Podman Desktop
o Linux: Install via package manager (e.g., sudo apt install podman or sudo dnf install podman)
o macOS: Install via Homebrew (brew install podman)
· SAP GUI or ABAP Development Tools (ADT) for Eclipse
· Stable internet connection for downloading the container image (~30GB)
System Requirements
· CPU: 4 cores minimum (6 cores recommended)
· RAM: 16GB minimum; 28-32GB highly recommended to prevent HANA database crashes
· Storage: At least 150-170 GB of available disk space
· Architecture: x86_64 (amd64)
o Note: M-series Apple Silicon Macs are supported but require proper VM resource allocation
Installation Steps
Step 1: Initialize Podman Machine (macOS/Windows Only)
If you're running Podman on macOS or Windows, you need to initialize a virtual machine with sufficient resources:
# Initialize Podman machine with recommended resources
podman machine init --cpus 6 --memory 28672 --disk-size 170
# Start the Podman machine
podman machine start
# Verify the machine is running
podman machine list
Note: Linux users can skip this step as Podman runs natively.
Step 2: Pull the ABAP Cloud Developer Trial Image
Pull the latest ABAP Cloud Developer Trial image from Docker Hub:
# Pull the 2023 version (latest stable release)
podman pull sapse/abap-cloud-developer-trial:2023
Note: This download is approximately 30GB and may take significant time depending on your internet connection.
Step 3: Verify Image Download
# List downloaded images
podman images | grep abap-cloud-developer-trial
You should see output similar to:
sapse/abap-cloud-developer-trial 2023 <image-id> <date> 30GB
Step 4: Run the Container
Start the ABAP Cloud Developer Trial container with the following command:
podman run --stop-timeout 3600 -it \
--name abap-cloud-trial \
--hostname vhcala4hci \
-p 3200:3200 \
-p 3300:3300 \
-p 8443:8443 \
-p 3600:3600 \
-p 8000:8000 \
-p 44300:44300 \
sapse/abap-cloud-developer-trial:2023
Port Mapping Explanation:
· 3200: SAP GUI / RFC
· 3300: SAP GUI / RFC (additional)
· 8443: SAP Fiori Launchpad (HTTPS)
· 3600: SAP Cloud Connector
· 8000: ICM HTTP
· 44300: HANA Database
Important: The --stop-timeout 3600 parameter is critical—it allows up to 1 hour for the SAP HANA database to shut down cleanly when stopping the container.
Step 5: Wait for System Startup
The first startup takes approximately 30-45 minutes as the system initializes all components. Watch the console output for:
*** All services have been started. ***
***
*** To stop and be able to safely start again use Ctrl-C
*** Or use the stop command with timeout: docker stop -t 7200 ...
***
*** Have fun! ***
Configuration
Default System Information
Parameter Value
System ID A4H
Instance Number 00
Hostname somsapehost.example.com
Client 001
Language EN
Default Users
User Client Password Description
DEVELOPER 001 ABAPtr2023#00 ABAP Developer User
DDIC 000 ABAPtr2023#00 Data Dictionary User
SAP* 000 ABAPtr2023#00 Emergency/License User
Security Note: Change these default passwords immediately after first login.
Accessing the System
SAP GUI Connection
1. Open SAP Logon
2. Create a new connection with these details:
· Application Server: localhost (or your host IP)
· Instance Number: 00
· System ID: A4H
1. Log in with user DEVELOPER in client 001
ABAP Development Tools (ADT)
1. Open Eclipse with ADT plugins
2. Add a new ABAP Project
3. Connection details:
· System ID: A4H
· Application Server: localhost
· Instance Number: 00
· Client: 001
· User: DEVELOPER
· Password: ABAPtr2023#00
SAP Fiori Launchpad
Access via browser:
https://localhost:8443/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html
Note: You may need to accept the self-signed certificate warning.
Post-Installation Tasks
1. Update System License
The trial system includes a 3-month license. To extend it:
1. Log in to client 000 with user SAP*
2. Run transaction SLICENSE
3. Copy the Hardware Key 4. Visit SAP License Keys for Preview, Evaluation, and Developer Versions
5. Generate a new license key
6. Install the new license in transaction SLICENSE
2. Change Default Passwords
For security, change all default passwords:
* Run transaction SU01 to change user passwords
* Recommended: Use transaction SECPOL to enforce password policies
3. Configure Time Zone
1. Run transaction STZAC
2. Set your local time zone
3. Save and restart the system if needed
4. Optional: Enable External Access
If accessing from other machines on your network, replace localhost with your machine's IP address in connection strings.
5. Enable BC_EXT_APPJOB_MANAGEMENT OData API
The BC_EXT_APPJOB_MANAGEMENT OData API enables external scheduler integration, allowing external applications to manage and monitor Application Jobs programmatically.
Environment-Specific Configuration: The configuration steps differ based on your SAP environment:
ABAP Cloud Environments (Public Cloud, Private Cloud, Trial):
· Use Communication Management (Communication Users, Systems, Arrangements)
· Automatic service activation via scenario SAP_COM_0064
· See: Cloud Configuration
SAP S/4HANA On-Premise:
· Use Manual Service Activation (/IWFND/MAINT_SERVICE, PFCG roles)
· Requires external scheduler registration via program APJ_REGISTER_EXT_SCHED
· See: On-Premise Configuration
---
Cloud Configuration (Public, Private Cloud, Trial)
Applicable to:
· SAP S/4HANA Public Cloud
· SAP S/4HANA Cloud Private Edition
· ABAP Platform Trial (this container)
Configuration Method: Communication Management (Fiori Launchpad apps)
Prerequisites
· Business user with role containing business catalog SAP_CORE_BC_COM (e.g., SAP_BR_ADMINISTRATOR) · Access to Fiori Launchpad (https://localhost:8443)
· System fully started and licensed
Cloud Step 1: Create a Communication User
1. Log in to the Fiori Launchpad with an administrator user (e.g., DEVELOPER)
2. Search for and open the Maintain Communication Users app
3. Click New to create a new communication user
4. Fill in the details:
· User Name: APPJOB_API_USER (or your preferred name)
· Description: User for Application Jobs API
1. Click Propose Password to generate a secure password
2. Important: Copy and save the generated password securely - you'll need it for API authentication
3. Click Create to save the user
Cloud Step 2: Create a Communication System
1. In the Fiori Launchpad, search for and open the Communication Systems app
2. Click New to create a new system
3. Enter the following details:
· System ID: EXT_SCHEDULER_SYS (or your preferred ID)
· System Name: Will be auto-filled based on System ID
1. Click Create
2. In the Technical Data section:
· Check Inbound Only (since this is for external systems calling into SAP)
1. In the Users for Inbound Communication section:
· Click the + button to add a user
· Select User Name and Password as the authentication method
· Select the communication user created in Step 1 (APPJOB_API_USER)
· Click OK
1. Click Save
Cloud Step 3: Create a Communication Arrangement
1. In the Fiori Launchpad, search for and open the Communication Arrangements app
2. Click New to create a new arrangement
3. In the Scenario field, search for and select:
· Scenario ID: SAP_COM_0064 (External Scheduler Integration)
· Scenario Name: External Scheduler Integration
1. Provide an Arrangement Name (e.g., EXTERNAL_SCHEDULER_ARRANGEMENT)
2. Click Create
3. In the Common Data section:
· Communication System: Select the system created in Step 2 (EXT_SCHEDULER_SYS)
· The system will automatically populate the Inbound Communication user
1. In the Inbound Services section, you should see the OData service:
· Service Name: BC_EXT_APPJOB_MANAGEMENT
· Service Status: Should show as active (green)
· Service URL: Copy this URL - this is your API endpoint
1. Click Save
Cloud Step 4: Verify API Access
Test the API connection using a REST client (e.g., Postman, curl, or Python):
Example using curl:
# Get the service metadata
curl -X GET \
"https://localhost:8443/sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT/$metadata" \
-u "APPJOB_API_USER:<password>" \
-k
# List application job templates
curl -X GET \
"https://localhost:8443/sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT/JobTemplateSet" \
-u "APPJOB_API_USER:<password>" \
-k \
-H "Accept: application/json"
Example using Python:
import requests
from requests.auth import HTTPBasicAuth
# Configuration
base_url = "https://localhost:8443/sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT"
username = "APPJOB_API_USER"
password = "<your_password>"
# Disable SSL warnings for self-signed certificates (development only!)
requests.packages.urllib3.disable_warnings()
# Test connection - Get job templates
response = requests.get(
f"{base_url}/JobTemplateSet",
auth=HTTPBasicAuth(username, password),
headers={"Accept": "application/json"},
verify=False # Only for development with self-signed certs
)
if response.status_code == 200:
print("✓ API connection successful!")
print(f"Response: {response.json()}")
else:
print(f"✗ API connection failed with status {response.status_code}")
print(f"Error: {response.text}")
Note: The -k flag in curl and verify=False in Python disable SSL certificate verification. This is acceptable for local development with self-signed certificates, but should never be used in production.
Cloud API Capabilities
The BC_EXT_APPJOB_MANAGEMENT API provides the following entity sets:
Entity Set Description Operations
JobTemplateSet Application job templates GET, POST
JobRunSet Scheduled and executed job runs GET, POST, DELETE
JobRunStepSet Individual steps within a job run GET
JobCountSet Job execution statistics GET
JobLogSet Job execution logs GET
Cloud Common API Operations
1. List all Job Templates:
GET /sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT/JobTemplateSet
2. Schedule a Job (On-Premise - Use Registered User):
POST /sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT/JobRunSet
Content-Type: application/json
{
"JobTemplateName": "YOUR_TEMPLATE_NAME",
"JobName": "MyScheduledJob_001",
"StartImmediate": true
}
Note: For On-Premise, authenticate with the registered technical user (e.g., ZAPPJOB_API) that was registered using APJ_REGISTER_EXT_SCHED. The system uses the authenticated user to validate the scheduler registration (via SAP_COM_0326 and table APJ_EXT_REG_2).
3. Check Job Status:
GET /sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT/JobRunSet('JOB_RUN_ID')
4. Get Job Logs:
GET /sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT/JobLogSet?$filter=JobName eq 'MyScheduledJob_001'
Cloud Troubleshooting
Issue: 401 Unauthorized Error
· Verify the communication user credentials
· Ensure the user is assigned to the communication system
· Check that the communication arrangement is active
Issue: 403 Forbidden Error
· Verify the business user has the required authorization catalog
· Check the communication arrangement configuration
· Ensure the inbound service is activated
Issue: Service URL not accessible
· Verify the container ports are properly mapped (port 8443)
· Check firewall settings
· Ensure the system is fully started
· Try accessing the Fiori Launchpad first to confirm connectivity
Issue: Certificate errors
· Accept the self-signed certificate in your browser first
· Use -k flag in curl or verify=False in requests library for development
· For production, import the certificate into your trusted store
Security Best Practices
1. Change Default Passwords: Always change the generated communication user password
2. Use HTTPS: Never transmit credentials over unencrypted connections
3. Limit Permissions: Grant only the minimum required authorizations
4. Monitor API Usage: Regularly review communication user activity logs
5. Rotate Credentials: Periodically update communication user passwords
6. IP Whitelisting: Consider restricting access to known IP addresses (in production)
Cloud Additional Resources · SAP Business Accelerator Hub - BC_EXT_APPJOB_MANAGEMENT · SAP Help - Application Jobs
· Transaction SM37 - Job Overview (for monitoring via SAP GUI)
· Transaction SCOT - SAPconnect Administration
---
On-Premise Configuration
Applicable to:
· SAP S/4HANA On-Premise
Configuration Method: Manual service activation, PFCG roles, external scheduler registration
Important: The configuration steps above (Cloud Configuration) apply to ABAP Cloud environments only (S/4HANA Public Cloud, S/4HANA Cloud Private Edition, Trial). For SAP S/4HANA On-Premise systems, follow the different approach documented below based on SAP Note 3527503.
On-Premise vs. Cloud Configuration Differences
SAP S/4HANA On-Premise systems use a traditional ABAP stack with different architecture and security models. The BC_EXT_APPJOB_MANAGEMENT API is available but requires manual configuration.
Critical On-Premise Requirement: To use BC_EXT_APPJOB_MANAGEMENT with SAP S/4HANA On-Premise, you must register the external scheduler using an ABAP program included with SAP Note 3527503. This step is not required in cloud environments where schedulers are automatically registered.
Aspect Cloud Configuration On-Premise Configuration
Configuration
Method Communication Arrangements Manual service activation
Service Activation Automatic via SAP_COM_0064 Transaction /IWFND/MAINT_SERVICE
Authentication Communication Users Business Users or Service Users
Authorization
Model Business Catalogs (SAP_CORE_BC_COM) PFCG Roles with specific auth objects
User Management Maintain Communication Users app Transaction SU01
Service Registry Automatic Manual registration in Gateway
Scheduler
Registration Automatic Required: Run program APJ_REGISTER_EXT_SCHED
SAP Note
Reference Standard cloud documentation SAP Note 3527503
On-Premise Prerequisites
· SAP S/4HANA On-Premise system (minimum version as per SAP Note 3527503)
· SAP Note 3527503 downloaded and reviewed (includes scheduler registration program)
· SAP Gateway component installed and configured
· Authorization to use transactions /IWFND/MAINT_SERVICE, /IWFND/GW_CLIENT, PFCG, SU01, SE38
· Basic understanding of OData service activation in SAP Gateway
· Access to SAP Support Portal to download SAP Note 3527503
On-Premise Step 1: Verify Service Availability
1. Log in to SAP GUI with an administrator user
2. Run transaction **/IWFND/MAINT_SERVICE** (Activate and Maintain Services)
3. Click Add Service
4. In the popup:
· System Alias: LOCAL (or your configured backend alias)
· External Service Name: BC_EXT_APPJOB_MANAGEMENT_0001 (check exact name in your system)
1. Click Get Services to search
2. If the service appears, it's available for activation
On-Premise Step 2: Activate the OData Service
1. In transaction /IWFND/MAINT_SERVICE
2. Select Add Service button
3. Search for and select BC_EXT_APPJOB_MANAGEMENT
4. Specify:
· Package Assignment: $TMP (for testing) or your custom package
· Service Name: Keep default or customize
· Description: "Application Jobs External Management API"
1. Click Add Selected Services
2. The system will register the service in the Gateway
On-Premise Step 3: Test Service Activation
1. In transaction /IWFND/MAINT_SERVICE, find your activated service
2. Click on the service line
3. Click SAP Gateway Client button (or use transaction /IWFND/GW_CLIENT)
4. Test the metadata endpoint:
· URI: /sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT/$metadata
· HTTP Method: GET
1. Click Execute
2. You should receive HTTP 200 with XML metadata
On-Premise Step 4: Create Service User
Unlike Communication Users in cloud, on-premise uses standard SAP users:
1. Run transaction **SU01** (User Maintenance)
2. Create a new user:
· User Type: System or Service
· User Name: ZAPPJOB_API (your naming convention)
· Password: Set a strong password
1. Assign initial authorization (will refine in next step)
On-Premise Step 5: Configure Authorization
The BC_EXT_APPJOB_MANAGEMENT API requires specific authorization objects:
1. Run transaction **PFCG** (Role Maintenance)
2. Create a new role: Z_APPJOB_API_ROLE
3. Go to Authorizations tab
4. Click Change Authorization Data
5. Add the following authorization objects manually:
Required Authorization Objects:
* Job Scheduling and Management
S_BTCH_JOB - Background Processing: Operations on Background Jobs
- JOBACTION: RELE (Release), SHOW (Display)
- JOBGROUP: * (or specific groups)
* Job Administration
S_BTCH_ADM - Background Processing: Background Administrator
- BTCADMIN: Y (Yes)
* Program Execution
S_PROGRAM - ABAP: Program Execution
- P_ACTION: SUBMIT
- P_GROUP: * (or specific groups)
* RFC Authorization (if needed for external calls)
S_RFC - Authorization Check for RFC Access
- RFC_TYPE: Function Module
- RFC_NAME: * (or specific functions)
- ACTVT: 16 (Execute)
* Optional: Service Execution
S_SERVICE - Check at Start of External Services
- SRV_NAME: BC_EXT_APPJOB_MANAGEMENT
- SRV_TYPE: HTTP
1. Generate the profile
2. Assign the role to user ZAPPJOB_API in transaction SU01
On-Premise Step 6: Configure ICF Service (If Required)
1. Run transaction **SICF** (HTTP Service Hierarchy Maintenance)
2. Navigate to: /default_host/sap/opu/odata/sap/BC_EXT_APPJOB_MANAGEMENT
3. Right-click the service → Activate
4. Check Service Data:
· Ensure Anonymous Logon is NOT enabled (security)
· Authentication should be set appropriately
On-Premise Step 7: Register External Schedulerd
Critical for On-Premise: Unlike cloud environments where schedulers are automatically registered, On-Premise systems require manual external scheduler registration before the BC_EXT_APPJOB_MANAGEMENT API can be used.
SAP Note 3527503 includes the ABAP program APJ_REGISTER_EXT_SCHED for scheduler registration:
1. Access the Registration Program:
· Program Name: **APJ_REGISTER_EXT_SCHED**
· Execute via transaction **SE38** or **SA38**
1. Run the Scheduler Registration Program: The program requires the following parameters:
Parameter Type Description Example
USER Communication User The technical user created in Step 4 ZAPPJOB_API
COMPANY Company/Organization Name of your company/organization ACME Corporation
PRODUCT Product Name Name of your external scheduler product Custom Scheduler v1.0
DELETE Checkbox Check to unregister instead of register Unchecked (for registration)
Program Execution: 3. How the Program Works:
· Uses Communication Scenario **SAP_COM_0326** (hardcoded in the program)
· Inserts registration into system table APJ_EXT_REG_2
· Creates entry with timestamp and creating user
· Each combination of CS_NAME + CA_USER must be unique
1. Expected Output: On Success: On Error (e.g., already exists):
2. Verify Registration:
· Check the program output for success message
o Alternatively, verify in table APJ_EXT_REG_2 using transaction **SE16** or **SE16N**:
o Table: APJ_EXT_REG_2
o Filter: CS_NAME = 'SAP_COM_0326' AND CA_USER = 'ZAPPJOB_API'
1. To Unregister a Scheduler:
· Run the same program
· Check the DELETE checkbox
· Provide the same USER parameter
· Success message: Scheduler successfully unregistered
Important Notes:
· The program automatically uses Communication Scenario SAP_COM_0326
· Each technical user (CA_USER) can only be registered once per communication scenario
· The COMPANY and PRODUCT parameters are metadata for identification purposes
· If you get "already exists" error, either use a different user or unregister first
· Registration is required before any API calls can be made
Program Source (from SAP Note 3527503):
REPORT APJ_REGISTER_EXT_SCHED.
DATA: wa TYPE apj_ext_reg_2,
ts TYPE timestampl.
PARAMETERS: user TYPE sy-uname OBLIGATORY,
company TYPE apj_ext_company OBLIGATORY,
product TYPE apj_ext_product OBLIGATORY,
delete TYPE c AS CHECKBOX.
GET TIME STAMP FIELD ts.
wa-cs_name = 'SAP_COM_0326'.
wa-ca_user = user.
wa-company = company.
wa-product = product.
wa-created_by = sy-uname.
wa-created_at = ts.
IF delete IS INITIAL.
INSERT apj_ext_reg_2 FROM wa.
IF sy-subrc = 0.
WRITE: / 'Scheduler successfully registered'.
ELSE.
WRITE: / 'Error. Maybe entry already exists'.
ENDIF.
ELSE.
DELETE FROM apj_ext_reg_2 WHERE cs_name = wa-cs_name
AND ca_user = wa-ca_user.
IF sy-subrc = 0.
WRITE: / 'Scheduler successfully unregistered'.
ELSE.
WRITE: / 'Error. No such registration'.
ENDIF.
ENDIF.
On-Premise Step 8: Test API Access
Using curl:
# Test from external system
curl -X GET \
"http://your-s4hana-host:8000/sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT/JobTemplateSet" \
-u "ZAPPJOB_API:password" \
-H "Accept: application/json"
Using Postman:
· Method: GET
· URL: http://your-s4hana-host:8000/sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT/JobTemplateSet
· Auth: Basic Authentication
· Username: ZAPPJOB_API
· Password: <your_password>
Using SAP Gateway Client (Transaction /IWFND/GW_CLIENT):
· Request URI: /sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT/JobTemplateSet
· HTTP Method: GET
· User: ZAPPJOB_API
On-Premise Specific Considerations
1. Network Configuration
· Firewall Rules: Ensure ports (typically 8000 for HTTP, 44300 for HTTPS) are open
· SAP Router: May be required for external access
· Reverse Proxy: Consider for production (SAP Web Dispatcher, nginx)
2. SSL/TLS Configuration
· On-premise systems require manual SSL certificate configuration
· Use transaction STRUST to manage SSL certificates
· Generate or import certificates for HTTPS endpoints
3. Authorization Strategy
On-premise offers more granular control:
· Limit job execution to specific users/groups using S_BTCH_JOB
· Restrict program execution with S_PROGRAM
· Use authorization traces (ST01) to identify missing permissions
4. Performance Considerations
· Gateway connection pooling configuration
· IDoc monitoring if jobs trigger IDoc processing
· Background job server group configuration (transaction RZ12)
On-Premise Troubleshooting
Issue: Service Not Found in /IWFND/MAINT_SERVICE
Solution:
1. Check SAP Note 3527503 for version compatibility
2. Verify SAP Gateway components are installed (transaction SMICM)
3. Run service registration report (program /IWFND/CL_SODATA_SRV_REGISTRATION)
Issue: Authorization Error (HTTP 403)
Solution:
1. Run authorization trace: Transaction ST01 or STAUTHTRACE
2. Execute the API call while trace is active
3. Review missing authorization objects
4. Add to role in transaction PFCG
Issue: Service Inactive
Solution:
1. Check ICF service status in transaction SICF
2. Navigate to service node and activate
3. Verify no transport locks on the service
Issue: Gateway Errors (HTTP 500)
Solution:
1. Check Gateway error log: Transaction /IWFND/ERROR_LOG
2. Review application log: Transaction SLG1
3. Check system log: Transaction SM21
4. Verify backend conne
Issue: Scheduler Not Registered / User Not Registered
Cause: External scheduler user has not been registered in the system (On-Premise only)
Solution:
1. Verify you have downloaded and reviewed SAP Note 3527503
2. Run program **APJ_REGISTER_EXT_SCHED** via transaction SE38 or SA38
3. Provide required parameters:
· USER: Technical user name (e.g., ZAPPJOB_API)
· COMPANY: Your company/organization name
· PRODUCT: Your scheduler product name
· DELETE: Leave unchecked for registration
1. Verify success message: "Scheduler successfully registered"
2. If you get "Error. Maybe entry already exists", check table APJ_EXT_REG_2 in SE16N
3. Retry API calls using the registered technical user for authentication
Error Symptoms:
· API returns authorization errors
· Job scheduling fails with "user not registered" or similar messages
· Missing entries in table APJ_EXT_REG_2 for communication scenario SAP_COM_0326
Verification Query:
-- Check in SE16N or SE16
Table: APJ_EXT_REG_2
Where: CS_NAME = 'SAP_COM_0326'
AND CA_USER = 'ZAPPJOB_API' (your user)
On-Premise SAP Note 3527503 Details
Reference: Consult SAP Note 3527503 in the SAP Support Portal for:
· Minimum release requirements
· Patch levels needed
· ABAP program APJ_REGISTER_EXT_SCHED for external scheduler registration
· Known issues and corrections
· Version-specific configuration steps
· Support component assignment
What's Included in the Note:
1. Registration Program: APJ_REGISTER_EXT_SCHED
· Source code for the registration program
· Inserts/deletes entries in table APJ_EXT_REG_2
· Uses communication scenario SAP_COM_0326
· Parameters: USER, COMPANY, PRODUCT, DELETE
1. Technical Details:
· Corrections to BC_EXT_APPJOB_MANAGEMENT service definition
· Authorization object requirements
· Database table structure (APJ_EXT_REG_2)
· Communication scenario details
1. Implementation Guide:
· Step-by-step configuration instructions
· Authorization setup recommendations
· Performance optimization notes
· Bug fixes for specific operations
Program Functionality:
· Registers technical users as external schedulers
· Links users to communication scenario SAP_COM_0326
· Stores metadata (company, product) for identification
· Provides unregister functionality via DELETE parameter
· Simple insert/delete operations with clear success/error messages
Comparison: When to Use Each Approach
Scenario Recommended Approach
Developing cloud-native applications Cloud Configuration - Use S/4HANA Public Cloud
Testing cloud integrations locally Cloud Configuration - Use this Podman trial
Integrating with existing S/4HANA
On-Premise On-Premise Configuration - Manual activation
Migrating from On-Premise to Cloud Start with On-Premise, test with Cloud trial, deploy to Public Cloud
Hybrid landscape (both environments) Implement both approaches, maintain parallel configurations
On-Premise to Cloud Migration Path
If you're planning to migrate from On-Premise to ABAP Cloud:
1. Document Current Setup: Export PFCG roles, note authorization requirements
2. Test in Trial: Use this Podman environment to validate cloud compatibility
3. Map Authorizations: Convert PFCG roles to Business Catalogs
4. Recreate as Communication Arrangements: Follow Section 5 approach
5. Test API Compatibility: Ensure existing integrations work with minimal changes
6. Deploy to Public Cloud: Use lessons learned from trial environment
On-Premise Quick Reference
Essential Steps Checklist:
· Download and review SAP Note 3527503
· Activate service in /IWFND/MAINT_SERVICE
· Create service user in SU01 (e.g., ZAPPJOB_API)
· Configure authorizations in PFCG (S_BTCH_JOB, S_BTCH_ADM, S_PROGRAM, S_RFC)
· Activate ICF service in SICF
· Run program APJ_REGISTER_EXT_SCHED to register the user
· Verify registration in table APJ_EXT_REG_2
· Test API using the registered user for authentication
Key Transactions:
· /IWFND/MAINT_SERVICE - Service activation
· /IWFND/GW_CLIENT - API testing
· SU01 - User management
· PFCG - Role/authorization management
· SICF - ICF service activation
· SE38 / SA38 - Run program APJ_REGISTER_EXT_SCHED
· SE16 / SE16N - View table APJ_EXT_REG_2 (verification)
· SM37 - Job monitoring
· /IWFND/ERROR_LOG - Gateway error analysis
Critical Parameters:
· Program Name: APJ_REGISTER_EXT_SCHED
· Communication Scenario: SAP_COM_0326 (automatically used by program)
· Registration Table: APJ_EXT_REG_2
· Technical User: Must be registered before API use (e.g., ZAPPJOB_API)
· Service URL: http(s)://host:port/sap/opu/odata/SAP/BC_EXT_APPJOB_MANAGEMENT
Registration Program Parameters:
· USER: Technical user name (mandatory)
· COMPANY: Your organization name (mandatory)
· PRODUCT: Your scheduler product name (mandatory)
· DELETE: Checkbox - check to unregister, uncheck to register
Common Pitfalls:
1. Forgetting to run APJ_REGISTER_EXT_SCHED → API calls fail with authorization errors
2. Missing S_BTCH_JOB authorization → Job submission denied
3. User already registered → Run program with DELETE checkbox to unregister first
4. Using unregistered user for API authentication → Scheduler validation fails
5. Using Communication Management approach → Wrong architecture for On-Premise
Container Management
Stop the Container
# Graceful shutdown (allows HANA to stop properly)
podman stop abap-cloud-trial
# This will take several minutes due to --stop-timeout 3600
Start Existing Container
# Start the previously created container
podman start -ai abap-cloud-trial
# Startup takes ~10-15 minutes
Check Container Status
# View running containers
podman ps
# View all containers (including stopped)
podman ps -a
# Check container logs
podman logs abap-cloud-trial
Remove Container
# Stop and remove the container
podman stop abap-cloud-trial
podman rm abap-cloud-trial
# Remove the image (optional)
podman rmi sapse/abap-cloud-developer-trial:2023
Troubleshooting
Issue: Container Crashes or HANA Fails to Start
Cause: Insufficient RAM allocation
Solution:
· Increase RAM to at least 28GB for Podman machine
· Close other memory-intensive applications
· Restart Podman machine:
· podman machine stop
· podman machine rm
· podman machine init --cpus 6 --memory 28672 --disk-size 170
· podman machine start
Issue: Cannot Connect via SAP GUI
Cause: Port forwarding not working or firewall blocking
Solution:
· Verify ports are exposed: podman port abap-cloud-trial
· Check Windows Firewall or antivirus settings
· Ensure Podman machine is running: podman machine list
Issue: "Disk Full" Error
Cause: Insufficient disk space allocated
Solution:
· Increase disk size when initializing machine
· Clean up unused containers and images:
· podman system prune -a
Issue: Slow Performance
Solutions:
· Allocate more CPU cores (6-8 recommended)
· Increase RAM allocation
· Ensure no other containers are running
· Check host system resource usage
Issue: Certificate Errors in Browser
Cause: Self-signed SSL certificate
Solution:
· Accept the certificate warning in your browser
· Or add the certificate to your trusted certificates
Additional Resources
Official Documentation · SAP ABAP Platform Trial Image Documentation · Docker Hub - ABAP Cloud Developer Trial
SAP Community · Get support by posting questions with tag #abap_trial on SAP Community · ABAP Cloud Developer Trial 2023 Announcement
Learning Resources · ABAP Development on SAP S/4HANA Public Cloud · SAP Learning Hub · openSAP Free Online Courses
Podman Documentation · Podman Official Documentation · Podman Desktop
Best Practices
1. Resource Management
· Always allocate sufficient resources before starting
· Monitor system resources during operation
· Use podman stats to check resource usage
1. Data Persistence
· Consider using volumes for persistent data
· Regular exports of development objects
· Backup important customizations
1. System Maintenance
· Regularly update the license (every 3 months)
· Keep Podman updated to the latest version
· Monitor HANA database health
1. Development Workflow
· Use transport requests for moving objects
· Follow ABAP Cloud development guidelines
· Test in the trial system before production
Quick Reference Commands
# Initialize and start Podman machine
podman machine init --cpus 6 --memory 28672 --disk-size 170
podman machine start
# Pull and run container
podman pull sapse/abap-cloud-developer-trial:2023
podman run --stop-timeout 3600 -it --name abap-cloud-trial \
--hostname vhcalnplci \
-p 3200:3200 -p 3300:3300 -p 8443:8443 -p 3600:3600 \
-p 8000:8000 -p 44300:44300 \
sapse/abap-cloud-developer-trial:2023
# Container management
podman start -ai abap-cloud-trial # Start existing container
podman stop abap-cloud-trial # Stop container (takes time!)
podman logs abap-cloud-trial # View logs
podman exec -it abap-cloud-trial bash # Access container shell
# Cleanup
podman stop abap-cloud-trial
podman rm abap-cloud-trial
podman system prune -a
Feedback
