Configuring the Role of the Resource Owner for OAuth 2.0
Context
To configure a role for a resource owner and OAuth 2.0 clients with their related
scopes, proceed as follows:
Procedure
Start the role maintenance with the transaction
PFCG.
Choose the role you want to assign to the resource owner's user.
Choose the Authorizations tab.
Choose Change Authorization Data. This opens the screen
where you can add or remove authorization objects.
Choose .
Choose the Manual pushbutton.
Enter or choose the S_SCOPE authorization
object.
Expand the S_SCOPE authorization object. You see the following fields:
OAuth 2.0 Client ID
OAuth 2.0 Client ID
Choose in front of the OAuth 2.0 Client ID field and enter
the client you want to enable to access the scope (in the same authorization
object).
Enter a full OAuth 2.0 client ID for one client only. You can optionally enter
* for all clients or, for example
OA2* for all clients starting with OA2.
Save your entries.
Choose in front of the OAuth 2.0 Scope field.
Enter the scope that is supposed to be accessed by the OAuth 2.0 client specified
above. Enter * for all scopes, list scopes, specify ranges or
enter, for example SC* for all scopes starting with SC.
Save your entries.
Save the authorizations and generate the role using .
Results
Now the resource owner role for OAuth 2.0 is completed. You have determined OAuth 2.0
clients and their respective scopes.