The Sales Order (A2X) on SAP S/4HANA Public Cloud is one of the most utilized APIs in SAP S/4HANA Public Cloud and brings the efficiency of your business processes onto a new level. This API allows to create, read, update, and delete sales orders in an external system, adaptable to various authorization methods. In this blogpost we are going step-by-step through the process of enabling OAuth 2.0 with Authorization Code.
Setting up the Sales Order (A2X) API and enabling OAuth 2.0 is an easy thing and is well documented here. If you use the API with Basic Auth or with OAuth 2.0 with Client Credentials, the documents are created, read, updated and deleted by the technical user bound to the communication system. In most cases it is not required to identify the user if you integrate sales orders into an external system, but there are some cases where this is needed. OAuth 2.0 with Authorization Code allow API operations, which are bound to the user.
In order for OAuth 2.0 with Authorization Code to be enabled and usable, you need an application/web-server, which can provide a callback/client redirect URI. You probably have an application where you got such a callback url. In this guide I will use an API testing tool. But it should be similar in any other OData Client which supports OAuth 2.0 with Authorization Code.
Open the "Communication Systems" App and click "Own SAP Cloud System" (see Illustration 1).
Here you can find the system's OAuth 2.0 endpoints. These information are needed later in the OAuth 2.0 Client (see Illustration 2).
Create a new Communication System. Check "Inbound Only" in the Technical Data (General). Enter the Client Redirect URI which is obtained by the OData/OAuth client (see Illustration 3). In my case, I got this endpoint from my API testing tool. In your case, your OAuth 2.0 client library might have built in functionalities to launch a web-server, which serves as the endpoint.
Maintain Users for Inbound Communication (see Illustration 4). Enter a OAuth 2.0 Client ID of your choice, this is later used in the ODATA Client.
Create a Communication Arrangement for the Communication Scenario SAP_COM_0109 (Sales Order Integration). Use the previously created Communication System. Review the Inbound Communication and Save (see Illustration 5).
With that, you are done with the configuration on S/4HANA side. You can now switch to your ODATA Client and configure the authentication there.
In your OData Client, the following fields are important for configuration (see Illustration 6 and Illustration 7). This configuration labels might differ depending on the API testing tool you use.
After clicking on "Get New Access Token", the user is redirected to a browser window, where the user can authenticate with the System. After authentication, the user is asked to grant permission once. With that, the token is available for the external system and operations, which are done with the newly created token are bound to the user.
This concludes this step-by-step guide on how to enable OAuth 2.0 with Authorization Code for the Sales Order (A2X) API on SAP S/4HANA Public Cloud. Read further documentation and articles here:
Was this article helpful for you? Please vote and share ideas and feedback for future articles in context of Sales Order Processing and Integration. Your feedback is very appreciated for future articles.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
12 | |
5 | |
5 | |
4 | |
3 | |
3 | |
3 | |
3 | |
2 | |
2 |