feat: new methods to return destination instance id and client id for agw#198
Merged
Conversation
cassiofariasmachado
previously approved these changes
Jul 6, 2026
8e5606a to
d816255
Compare
d816255 to
de19d4e
Compare
cassiofariasmachado
approved these changes
Jul 6, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Adds two new public methods and supporting infrastructure for resolving runtime identity credentials:
DestinationClient.get_service_instance_id(): reads the destination service instance ID from mounted secrets via the standard mount/env-var fallback resolver. RaisesDestinationOperationErroron failure.AgentGatewayClient.get_ias_client_id(): returns the IAS client ID, auto-detecting agent type (Customer vs LoB). Customer agents readclient_idfrom the mounted credentials file; LoB agents fetch thesap-managed-runtime-ias-{landscape}destination at provider subaccount level using the newskip_token_retrievaloption. RaisesAgentGatewaySDKErroron failure.ConsumptionOptions.skip_token_retrieval: new field that passes$skipTokenRetrieval=trueto the Destination Service v2 API, skipping OAuth2 token exchange when only destination properties are needed.Both methods are instrumented with telemetry (
record_metrics) and covered by unit and integration tests.Related Issue
Closes #
Type of Change
How to Test
uv run pytest tests/destination/unit/test_client.py::TestGetServiceInstanceId tests/agentgateway/unit/test_agw_client.py::TestGetIasClientId tests/agentgateway/unit/test_lob.py::TestGetIasClientIdLob -vget_service_instance_id: setCLOUD_SDK_CFG_DESTINATION_DEFAULT_INSTANCEID=<your-id>and callDestinationClient(...).get_service_instance_id()— expect the value back; unset the env var and call again — expectDestinationOperationError.get_ias_client_id(LoB): with a bound destination service andAPPFND_CONHOS_LANDSCAPEset, callAgentGatewayClient(tenant_subdomain="...").get_ias_client_id()— expect the IASclientIdfrom thesap-managed-runtime-ias-{landscape}destination.get_ias_client_id(Customer): with a credentials file mounted at the standard path, callAgentGatewayClient().get_ias_client_id()— expectclient_idfrom the credentials file.uv run pytest tests/destination/integration/ tests/agentgateway/integration/ -k "instance_id or ias_client_id"Checklist
Additional Notes
The
skip_token_retrievaloption is used internally by the LoB flow ofget_ias_client_id()to avoid an unnecessary OAuth2 token exchange when fetching the IAS destination — only the destination properties (clientId) are needed. The$skipTokenRetrievalquery parameter is a supported Destination Service v2 API feature.