Some service provider types delivered by SAP, for example SAP Jam, use the SAML 2.0 bearer assertion flow to grant the OAuth 2.0 client an access token.
To access a resource protected by OAuth 2.0, an OAuth 2.0 client must authenticate using an access token. The grant type SAML 2.0 bearer assertion is used to get an initial access token from an OAuth 2.0 authorization server. The AS ABAP triggers the SAML 2.0 bearer assertion flow without interaction from users. As a prerequisite, a trust relationship between the authorization server and the AS ABAP must be in place so that SAML 2.0 bearer assertions can be issued by the AS ABAP and accepted by the authorization server.
The grant type SAML 2.0 bearer assertion refers to the IETF draft of SAML 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants. For more information, see the IETF web site.
Perform the SAML 2.0 bearer assertion flow if no access token is available in the OAuth 2.0 client. This flow can also be executed later if the access tokens have expired. You can also use the refresh flow to issue refresh tokens. This flow does not require any user interaction.
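
The token request of this flow and the trust checks an authorization server applies to it, sketched in Python as an added example (not SAP code), following RFC 7522, the published form of the IETF profile mentioned above. The hosts, issuer, user, client ID and function names are hypothetical, the assertion is a constructed unsigned sample, and verification of the XML signature against the trusted issuer's certificate is assumed to happen separately.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.parse import urlencode, parse_qs

GRANT_TYPE = "urn:ietf:params:oauth:grant-type:saml2-bearer"  # RFC 7522
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"
NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Constructed, unsigned sample assertion; hosts and user are hypothetical.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
 ID="_a1" Version="2.0" IssueInstant="2030-01-01T00:00:00Z">
 <saml:Issuer>abap.example.test</saml:Issuer>
 <saml:Subject><saml:NameID>JDOE</saml:NameID>
  <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
   <saml:SubjectConfirmationData NotOnOrAfter="2030-01-01T00:05:00Z"
    Recipient="https://as.example.test/oauth/token"/>
  </saml:SubjectConfirmation></saml:Subject>
 <saml:Conditions><saml:AudienceRestriction><saml:Audience>https://as.example.test
 </saml:Audience></saml:AudienceRestriction></saml:Conditions></saml:Assertion>"""

def build_token_request(assertion_xml, client_id):
    """Client side: form body POSTed to the token endpoint, no user interaction."""
    b64 = base64.urlsafe_b64encode(assertion_xml.encode()).decode()
    return urlencode({"grant_type": GRANT_TYPE, "assertion": b64, "client_id": client_id})

def check_token_request(body, token_endpoint, audience, trusted_issuers, now):
    """Server side: trust and freshness checks. Signature verification is NOT done here."""
    form = parse_qs(body)
    if form.get("grant_type") != [GRANT_TYPE]:
        return "unsupported_grant_type"
    if "assertion" not in form:
        return "invalid_request"
    raw = base64.urlsafe_b64decode(form["assertion"][0])
    if b"<!DOCTYPE" in raw:  # refuse DTDs before parsing untrusted XML
        return "invalid_grant: DTD not allowed"
    root = ET.fromstring(raw)
    if root.findtext("saml:Issuer", "", NS).strip() not in trusted_issuers:
        return "invalid_grant: untrusted issuer"
    if audience not in [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]:
        return "invalid_grant: wrong audience"
    for sc in root.iterfind("saml:Subject/saml:SubjectConfirmation", NS):
        data = sc.find("saml:SubjectConfirmationData", NS)
        if (sc.get("Method") != BEARER or data is None
                or data.get("Recipient") != token_endpoint or not data.get("NotOnOrAfter")):
            continue
        expiry = datetime.strptime(data.get("NotOnOrAfter"), "%Y-%m-%dT%H:%M:%SZ")
        if now < expiry.replace(tzinfo=timezone.utc):
            return "ok"
    return "invalid_grant: no valid bearer confirmation"
```

The issuer, audience and recipient checks are where the trust relationship between the AS ABAP and the authorization server becomes concrete: an assertion from an unknown issuer, or one addressed to a different token endpoint, is rejected even if it is otherwise well formed.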