The OAuth 2.0 implementation with AS ABAP has the following components:
The authorization server includes the token endpoint (see Token Endpoint for OAuth 2.0 and Authorization Server of the OAuth 2.0 Implementation). The authorization server issues tokens which are used to delegate access.
The resource server (see Resource Server for OAuth 2.0) makes resources available for the OAuth 2.0 client.
The implementation resides in the SAP Basis component and has interfaces to the OData runtime and the OAuth 2.0 authentication in the logon framework of the ICF.
SAP products running on AS ABAP become OAuth 2.0 enabled by implementing the OAuth 2.0 runtime. In the OAuth 2.0 framework, it determines during runtime which OAuth 2.0 scopes are being requested.