<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/JSPWiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/JSPWiki/images/favicon.ico" />

<pre>
[{ALLOW view All}]
[{ALLOW edit Markus}]

!Connecting SAP SuccessFactors Using an OAuth 2.0 Client (OA2CS)

Follow \\
SIMG &gt; ABAP Platform &gt; Application Server &gt; Basis Services &gt; Communication Interfaces \\
&gt; OAuth 2.0 Client Implementation for SAP SuccessFactors Integration

The default implementation allows only a connection to ONE SuccessFactors instance.\\
Then you can use the existing objects.

This ones decribes how to create custom objects for multiple instances.

!certificates / communication
1. Configure Proxy Settings\\
x.SICF &gt; F8 &gt; Menu &gt; Client &gt; Proxy Settings \\
*   &gt; HTTPS Protocol = sia-proxy-basic.geo.conti.de:3128 SKIPPED !!!\\
*   &gt; Global Settings &gt; Set Active SKIPPED !!!
   

!OAuth configuration
* OAuth profile, default &quot;SUCCESSFACTORS&quot;, use SE80 &gt; Create &gt; Others &gt; OAuth 2.0 Client Profile (t.OA2C_PROFILES)
* Application ID, default &quot;DEFAULT&quot;, x.CLB2_APPLI
* Provider type, default &quot;SuccessFactors&quot;, x.CLB2_PTYPE (SM30 &gt; CLB2V_PTYPE)
* Application Server Assignment, default &quot;DEFAULT&quot;, SM34 &gt; CLB2VC_APPLI_PLATF  &lt;= here we have the OAuth App ID and the companyId
* Server Communication, default &quot;SuccessFactors&quot;, SM34 &gt; CLB2VC_PLATF (SM30 &gt; CLB2V_PLATF), make sure to fill also the &quot;Authentication Methods&quot; like USER
* Server, default &quot;SuccessFactors&quot;, SM34 &gt; CLB2VC_PLATF_DEF 
* Application Settings&quot; for each instance with SM30 &gt; CLB2V_APPL_DATA
* Parameters for each instance with SM30 &gt; CLB2V_APPL_EXT, here we have company_id	

x. OA2C_CONFIG (t.oa2c_client)
{{{
api12preview.sapsf.eu/oauth/token
form, header, current, SAML
www.successfactors.com
998}}}



Example configuration, do use always same case to avoid mixing up
|Profile|Z_CONTIDEV
|Type|Z_CONTIDEV
|Application ID|Z_CONTIDEV
|Service Provider Type|Z_CONTIDEV &gt; SSF ID = OACD
|Server|Z_CONTIDEV

! Connection Test
r.RCLB2_DEMO_GENERIC
* Choose your Service Provider Type and Application ID
* Request Method: HTTP Get (GET)
* Manually Entered Endpoint
** Endpoint: /odata/v2/FODivision/
** Authentication Context: User Context (USER)

! Successfactors auth endpoints

The first is not secure anymore and should not be used anymore.
{{{
/oauth/idp
	parameters: 
		client_id
		user_id
		private_key
		token_url
		use_email
		use_username  &lt;=== true
/oauth/token
	parameters:
		company_id
		client_id
		grant_type
		assertion
		new_token	&lt;=== true
}}}
	
!Trace
/usr/sap/DMD/D11/work/dev_w*  (work process traces) =&gt; search for &quot;OA2C&quot;
</pre>