cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security SICF for external use?

vitran23
Active Participant

on ‎08-05-2017 2:31 AM

0 Kudos

What is the proper method for security a SICF web service for consumption by external applications?

Currently it's setup to use SAP authentication for our normal use to restrict the data that is pulled but I need a option b for applications to access the service. Is there a way to crate a oauth type of token to be used?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

architectSAP
Active Contributor
‎08-06-2017 6:25 AM
0 Kudos

Hello Vi,

The OAuth 2.0 implementation in AS ABAP supports two kinds of OAuth 2.0 flows as defined in the OAuth 2.0 specification:

  • SAML 2.0 Bearer Assertion Flow
  • Authorization Code Flow

OAuth 2.0 - Constrained Authorization and Single Sign-On for OData Services

Another option would be to expose your service via NetWeaver Gateway:

NetWeaver Gateway Service Enabling and OAuth 2.0 Scope Creation

Best regards

Frank

Show replies
Show replies
vitran23
Active Participant
‎08-07-2017 12:00 PM
0 Kudos

Frank, I'm looking at the 2nd link you provided about the Scope Creation. How would my custom service that I created within SICF appear in the "Active / Maintenance Services" screen of SPRO? Do I need to make a corresponding service within SOAManager for my custom SICF service?

Ask a Question