To verify whether you as an end user can access the service provider API, you must
create an OAuth 2.0 access token for your service provider.
Procedure
- Call the grant endpoint in the AS ABAP using a dedicated URL.
Example
https://<host_name>:<port_number>/sap/bc/sec/oauth2/client/grant/authorization?profile=<client_profile_name>
The AS ABAP authenticates the end users by checking the client profile
name. It redirects the end users' browser to the authorization endpoint of the
AS ABAP and of the service provider.
- Authenticate as an end user at the service provider account with the
appropriate credentials.
The service provider prompts you to confirm the OAuth 2.0
scopes.
- Select or confirm the OAuth 2.0 scopes and request them.
Your browser redirects you to the AS ABAP. From now on, access tokens
and refresh tokens are available in the AS ABAP. The browser redirects the end
users to the grant application, and repeated access to the service provider is
possible.