Configuring OAuth 2.0

SAP currently supports the following OAuth 2.0 flows:

• Grant type extension with OAuth 2.0 SAML bearer assertion. To configure an OAuth 2.0 SAML bearer assertion flow, proceed as follows:

  1. Establish SAML 2.0 trust relationship with the issuer of the SAML 2.0 assertion (see Configuring a Trusted Identity Provider for OAuth 2.0).

  2. Configure OAuth 2.0 clients (see Configuring an OAuth 2.0 Client).

  3. Configure resource owner authentication with a SAML 2.0 bearer assertion (see Configuring a Grant Type Extension with an OAuth 2.0 SAML Bearer).

  4. Grant access to the resource owner by assigning the S_SCOPE authorization object (see Resource Owner in OAuth 2.0).

  .

• Grant type authorization code. To configure an authorization code flow, proceed as follows:

  1. Configure OAuth 2.0 clients (see Configuring an OAuth 2.0 Client).

  2. Configure resource owner authentication with an authorization code (see Configuring a Grant Type Authorization Code with OAuth 2.0).

  3. Grant access to the resource owner by assigning the S_SCOPE authorization object (see Resource Owner in OAuth 2.0).

For more information, see OAuth 2.0 Introduction and Concept.