OAuth configuration 1.1 – Generate OAuth scope for OData service using report
SAP Help: Enabling OAuth 2.0 Authentication for OData Services
For the OData service used, see my blog Create an OData service from CDS.
For each OData service you want to access through OAuth, a unique scope is needed. The scope is based on the OData service. The scope is needed to know if the client can access the resource provided by the scope. The scope is assigned to a user through an authorization profile (security object S_SCOPE). Before you can assign the scope to a user, you must know the scope of the OData service.
To generate a scope, report /IWFND/R_OAUTH_SCOPES is used.
Tx: SE38 Report: /IWFND/R_OAUTH_SCOPES
The following parameters are needed to run the report:
- Technical service name: ZDEMO_CDS_SALESORDERITEM_CDS
- Service Doc. Identifier: technical name and suffix _0001 (version)
Service Doc. Identifier: ZDEMO_CDS_SALESORDERITEM_CDS_0001 Description of the scope: Lorem ipsum
Create OAuth scope for service
Run report.
Note
Creating a scope will only work when no scope for the service already exists. In case you activated OAuth for the service in /IWFND/MAINT_SERVICE, a scope was created automatically.
1 Comment
Delete OAuth scope | It's full of stars! · June 30, 2020 at 19:00
[…] service with OAuth, a scope is needed. I blogged about how to create a scope (using the wizard or a report) already. While adding a scope to a service is very easy, deleting is a little bit more effort. For […]