cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

What is "exactly" on the roadmap for Oauth2 for SAP PO?

Go to solution
xavisanse
Active Participant

on ‎01-14-2020 4:01 PM

0 Kudos

If you see the roadmap you'll see that theorically this year we will have some new features regarding Oauth2.

But we have more details? I'm looking to be able to grant Oauth2 authentication for Rest services published in SAP PO.

Seems that SAP is letting die slowly SAP PO...

Any revelation to announce? 🙂

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

alex_bundschuh
Product and Topic Expert
Product and Topic Expert
‎01-15-2020 10:51 AM

Hi Xavier,

sorry, but I really do not see how a missing feature led you to your assumption.

Since you refer to the roadmap, you may have noticed that we actually plan to ship a new release, and hence we continue supporting PO also in future. Btw, we have lately invested heavily in providing a test tool in PO, this was one of the top 5 requirements from our customer base.

Wrt OAuth we do actually support different grant flows such as SAML bearer, client-credentials grant, and resource owner password-credentials. Furthermore, it's planned to ship support for JWT with the next SP. This all has been based on customer demand.

You are right, this only applies to the receiver side so when consuming RESTful services, on the sender side we do not support OAuth yet. An option here would be to use API Management.

Anyway, I have noted down your requirement, and will discuss it with development. Any specific grant type you are after?

Regards

Alex

Show replies
Show replies
JaySchwendemann
Active Contributor
‎01-15-2020 6:04 PM
0 Kudos

Thanks for the first hand insights 🙂 Cheers

tom_chu4
Explorer
‎07-12-2022 3:09 AM
0 Kudos

Hi Alexander,

According to rfc6749 there are 4 grant types for OAuth 2.0 Authorization. However, I can only see two grant types(Resource Owner Password Credentials and Client Credentials).

During implementation, I found most of service providers support only Authorization Code grant or Implicit grant, rather than Client Credentials grant and Password grant.

Is there a plan to deploy Authorization Code grant and Implicit grant for OAuth in SAP PO please?

Regarding JWT, I don't know much about it. As per my understanding, it seems there are below two ways. Could you please help me which has been implemented in our SAP PO product please?

Using JWTs for Client Authentication

Using JWTs as Authorization Grants

Thank you~

tom_chu4
Explorer
‎07-12-2022 3:14 AM
0 Kudos

Hi Alexander,

Sorry for inconvenience. I can see JSON Web Token Authorization Grants has been implemented as per note 2892050. How about JSON Web Token Client Authentication Grant flow please?

alex_bundschuh
Product and Topic Expert
Product and Topic Expert
‎07-12-2022 8:18 AM

Hi Tom,

JWT for client authentication is on the roadmap for Q4 this year

see https://roadmaps.sap.com/board?PRODUCT=01200314690800000134&FT=INTEGRATION⦥=CURRENT-LAST#;INNO=6EAE8...

Alex

tom_chu4
Explorer
‎07-13-2022 11:39 AM
0 Kudos

Hi Alex,

Thank you for the information.

Best regards,

Tom Chu

Answers (1)

Answers (1)

shahid_ali21
Member
‎05-31-2021 3:49 PM
0 Kudos

Hi Xavier,

we are also waiting, By when SAP will ship; the client-credentials grant flow or JWT authentication SAP PO 7.5 Rest Sender adapter (Not polling). Currently, we are at SAP PO 7.5 SP19, and still, in this SP the JWT authentication & client-credentials grant authentication is not present.

Many of our interfaces are on hold status due lack of client-credentials grant in this SP.

Any idea by when client-credentials grant or JWT authentication will be shipped to which SP ?

Show replies
Show replies
Ask a Question