There are various OAuth 2.0 flows that enable authentication and authorization with an OAuth 2.0 client at a back-end where you want to access resources. Currently SAP offers the following OAuth 2.0 flows:
Scenario | Authentication Method | Recommended Flow |
---|---|---|
Server-to-server communication: A user authenticates at a web application. The web application needs to access resources from an OAuth 2.0-enabled back-end on behalf of the user. | SAML 2.0 on behalf of the user | |
Loosely integrated communication between web applications. No trust for Single Sign-On needs to be established between the web application and the AS ABAP system hosting the protected resources. The user gives consent to grant access to a certain set of resources. | All resource owner authentication methods supported by an AS ABAP, for example, user name and password. For more information, see Standard Logon Order. | |