Delete OAuth scope

Published by Tobias Hofmann on

1 min read

To be able to access an OData service with OAuth, a scope is needed. I blogged about how to create a scope (using the wizard or a report) already. While adding a scope to a service is very easy, deleting is a little bit more effort. For instance, when you go to transaction iwfnd/maint_service, select the service and then on OAuth, you’ll get a message stating that a scope already exists.

Gateway service activation error message

The wizards creates a scope for you, but does not support the option to delete it. To delete an OAuth scope you can run a report. The parameter needed to run the report is the technical name of the OData service. I use my demo service (ZDEMO_CDS_SALESORDERITEM_CDS_0001) as an example.

Delete scope

Tx: SE38

SE38 report

Run the report.

Service Doc. Identifier: ZDEMO_CDS_SALESORDERITEM_CDS_0001
Select: “Delete Oauth scope of service”

delete oauth scope report

This deletes the scope for the service.


To check that the scope was deleted, you can check the TADIR entry. Use ADT for this. I wrote a blog on how to check the available OAuth scopes.

Query: SELECT * from TADIR where OBJECT = ‘OA2S’

ADT table

The query is not returning an entry for the service.

Let the world know

Tobias Hofmann

Doing stuff with SAP since 1998. Open, web, UX, cloud. I am not a Basis guy, but very knowledgeable about Basis stuff, as it's the foundation of everything I do (DevOps). Performance is king, and unit tests is something I actually do. Developing HTML5 apps when HTML5 wasn't around. HCP/SCP user since 2012, NetWeaver since 2002, ABAP since 1998.


Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.