Skip to Content

How to use Application based permission type in OAuth authentication in SAP ABAP?


We have ABAP application to get the data from the exchange online server(Microsoft EWS) and for this, We have used the EWS web-service and Basic authentication(RFC). But we want to change authentication type from RFC to OAuth 2.0.

I have already implemented OAuth 2.0 in SAP ABAP and it is user/Delegation based. The problem with this permission type is, Every user has to login individually and request for the access token and also some of the feature is not working. So the alternative is to use the Application based permission type. Is it feasible in SAP ABAP?.

Application based means, their will be one token(it will be requested by the administrator) and this token will be used by all the user for authentication.

is SAML 2.0 bearer assertion an alternative ?

Your suggestion would be very helpful. Please assist me.

Best Regards,

Sanjay Naik.

Add a comment
10|10000 characters needed characters exceeded

  • This should work if I understand the requirement correctly. The services would be authenticating with OAuth and the users would be using the SAML Bearer to authenticate to maintain the audit trail. As long as the users are in the IDP that has been trusted with the SP (ABAP) then it should work. They couldnt use the same token as such but they would use the SAML to authenticate.

Related questions

1 Answer

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.