Configuring a Grant Type Authorization Code with OAuth 2.0

Before you can authenticate and get an access token to access resources using an OAuth 2.0 client, you must configure OAuth 2.0 to use an authorization grant type.

Prerequisites

Before you can configure an OAuth 2.0 with authorization code grant type, you must fulfill the following prerequisites:

SSL must be set up in the AS ABAP (for details, see Configuring the AS ABAP for Supporting SSL).
In the AS ABAP, there is a user with the type System for each OAuth 2.0 client. For more information how to set up such users, see User Administration Functions.

Context

Before you can authenticate and get an access token to access resources using an OAuth 2.0 client, you must configure OAuth 2.0 to use an authorization code grant type. For more information, see the related link.

Procedure

Start OAuth 2.0 Administration (transaction SOAUTH2).
In the subsection Resource Owner Authentication, use Grant Type Authorization Code Active.

Note
It is also possible to use several resource owner authentication methods, for example, SAML 2.0 bearer assertion and authorization code.
Enter the redirect URI to the OAuth 2.0 client. The redirect URI must belong to the OAuth 2.0 client. Your AS ABAP administrator should check that it really belongs to this OAuth 2.0 client.
Go to Auth. Code Lifetime to enter the lifetime of the authorization codes in seconds. Default is 60.
Go to the OAuth 2.0 Scope ID column in subsection Scope Assignment.
Use the F4 help to select the OAuth 2.0 scopes you want to access.

Note
For example, SAP NetWeaver Gateway provides the scopes. For more information, see OAuth 2.0 Scopes and SAP NetWeaver Gateway SAP NetWeaver Gateway Cookbooks .
Save your changes.