SAP Help Configuring the role of the resource owner for OAuth 2.0 Enabling a user as resource owner for OAuth 2.0 With OAuth 2.0, the access to a resource / service is not done by a user directly, but by an OAuth client. The client logs on to Gateway and Read more…
SAP Help: Activate OData service Enable OAuth service For the OData service used, see my blog “Create an OData service from CDS”. Besides the option to activate an OAuth scope for an OData service manually, a wizard can be used. In that case, to enable OAuth for an OData service, Read more…
SAP Help: Enabling OAuth 2.0 Authentication for OData Services For the OData service used, see my blog Create an OData service from CDS. For each OData service you want to access through OAuth, a unique scope is needed. The scope is based on the OData service. The scope is needed Read more…
This blog shows how to use Keycloak for OAuth 2.0 and OpenID Connect. Keycloak is an identity and access management solution. Among its list of supported authentication mechanisms are SAML 2.0 and OpenID Connect. It is open source and can be installed via Docker. I wrote how to install Keycloak Read more…
After creating an OAuth 2.0 scope and client and assigning the scope to the client, we can test the configuration. To do this, we need to log on in Keycloak as the OAuth 2.0 client. Keycloak will then validate the client and provide the Access Tokens and the scope(s) assigned Read more…
After performing the previous steps in Keycloak, an OAuth 2.0 scope and client is available. To get the scope after the OAuth 2.0 client authenticates against Keycloak, you need to assign the scope to the client. Log on to Keycloak and go to clients and select oidclient. This is the Read more…
OAuth uses scopes to restrict access to resources. “Scope is a mechanism in OAuth 2.0 to limit an application’s access to a user’s account. An application can request one or more scopes, this information is then presented to the user in the consent screen, and the access token issued to Read more…
In this article I will show how to add an OAuth 2.0 client in Keycloak. Log in to Keycloak and select a realm. In a new (empty) installation of Keycloak, the realm Master is selected by default. The realm name is important, as it is part of the URL used Read more…