SAP Knowledge Base Article - Public

3141653 - Using the Audience field for OAuth authentication


You wish to know whether the Security Center supports the usage of the Audience field for OAuth and which are its specific use case scenarios


SAP SuccessFactors Security Center


Security Center supports the creation of three types of OAuth configuration:
1. OAuth 2.0 with grant type password: This scenario does not support the Audience field
2. OAuth 2.0 with grant type client credential: This scenario does not support the Audience field
3. OAuth 2.0 with SAML: This scenario supports the Audience field 

The following applies to scenarios 1. and 2. above:
- If the audience is a header attribute, it can be added as a header item by providing a key value pair under the ‘Custom Header parameters’ section. 
- Audience is not a required field and will not need to be provided during configuration (in other words, the user will not be prompted to enter it in the Security Center UI). However, when the OAuth token is generated by the OAuth server it will have an Audience field included in the token

See Also

Security Center - User Guide
KBA 2900830: EC-to-ECP: Error handling for OAuth 2.0


grant type password, password, grant type, grant type client credential, credential, credentials, OAuth, SAML, Audience, audience field, Security Center, UI, OAuth token, OAuth server, token, header, header attribute, attribute , KBA , LOD-SF-INT , Integrations , LOD-SF-PLT , Platform Foundational Capabilities , LOD-SF-INT-INC , Integration Center , LOD-SF-INT-INC-ODATA , ODATA API In Integration Center , LOD-SF-INT-INC-ISE , Integration Center from ISC Events , LOD-SF-INT-ODATA-OAU , ODATA OAUTH Authentication , LOD-SF-INT-INC-JOB , Integration Center Job , How To


SAP SuccessFactors HXM Suite all versions