Prerequisites for Configuration of an OAuth 2.0 Client for Accessing a Service
Provider
Developers, administrators, and end users need OAuth 2.0-specific authorizations in the AS ABAP. In addition, OAuth 2.0 must be enabled in the AS ABAP and in the service provider.
-
Users who want to use OAuth 2.0 for communication must have the following authorizations:
Table 1: OAuth 2.0 Client Related Authorizations Authorization Role Description S_DEVELOP (for development object OA2P) Developer Required for creating an OAuth 2.0 client profile S_OA2C_ADM (at least activities 01, 02, and 03) Administrator Required for configuring an OAuth 2.0 client S_OA2C_USE End user Required for using the client. The end user needs the following authorization values: - PROFILE=<profile_name> (to access the service provider API)
- ACTVT=16 (for token request)
-
The SSL/TLS settings of the AS ABAP must be configured correctly because OAuth 2.0 access tokens must only be sent using transport layer security.
-
If the AS ABAP accesses the Internet with a proxy server, make sure you have configured Internet access in Maintain Services (transaction SICF). For more information, see the related link.
-
(For external service providers) You have created the required configuration at the service provider.
-
(For external service providers) You have set the authorizations and the password in the service provider's configuration so that they correspond to those of the OAuth 2.0 client from the AS ABAP.