OAuth configuration 2 – Create OAuth 2.0 client user
SAP Help
- Configuring the role of the resource owner for OAuth 2.0
- Enabling a user as resource owner for OAuth 2.0
With OAuth 2.0, a resource or service is not accessed by the user directly, but by an OAuth client. The client logs on to Gateway and sends the user’s access token to the service. Therefore, the first step is to create the OAuth 2.0 client in Gateway. This client is not an app; it is a user account of type System that the actual client app will use to log on to SAP Gateway.
Tx: SU01
- Username: oidclient
Provide user information
- Last name: client
- First name: oid
- User type: System
- Initial Password: Client123456
2 Comments
MOR · August 28, 2023 at 12:38
Hello, please clarify, will the subsequent access to OData and the selection of SAP data be performed under a business user or under the OIDCLIENT system account? After all, the user OIDCLIENT does not have permissions to access business data in SAP if some objects of permissions are entered in OData.
Tobias Hofmann · September 12, 2023 at 16:53
The subsequent access will be done with your SAP user, not the OIDCLIENT. After all, later on in the process, the user needs to authenticate against an IdP and that information is used under the hood to know who you are in the SAP system.