I've started some time ago a journey with SAP Fiori and first Fiori apps. It was not that smooth as I've expected, but now with experience received during that period I feel more and more comfortable with it. That's why when I've heard that I need to create an simple app in Fiori to create new incident in our helpdesk system. 


Normally it looks very simple both from backend and UI point of view, but the issue was that I had to make the possible to use the app without the logon to SAP.

SSO is not possible yet in my company so I've setup the SICF node of the application to use specific credentials for logon, and here the surprise started :) 

 HTTP request failed403,,CSRF token validation failed error appear when I was calling oModel.create method......


Trying to get the security token didn't helped as as I finally found the info that in case there is no explicit logon to SAP Fiori Frontend Server, the token is given and the create method is not allowed....

So I was trying to find other solution and as only Read method was possible, I've tried to use this one. 

First of all I had to change the model. I've setup all the fields beside the ID of the incident to a key field.


Then in WebIDE I've changed the call of the function behind the save button to use Read method. 



On the backend side I've redefined the get_entity method for the inscidentSet and I've used the data passed in the IT_KEY_TAB to fill the mandatory fields of my helpdesk webservice.




At the end of the method I'm filling the incident ID so I can show it to the user after successful save :)