SAP Knowledge Base Article - Public

3272003 - Error Message When Changing the Authentication Method of Event Notification from Basic to OAuth


When you change the authentication method from one of the event notification from "User ID and Password" (Basic Authentication) to "OAuth 2.0". System throws below error message:

<!doctype html>

<html lang="en">


<title>HTTP Status 403 – Forbidden</title>

<style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style>



<h1>HTTP Status 403 – Forbidden</h1>




SAP Business Bydesign

Reproducing the Issue

1. Go to Application and User Management work center

2. Event Notification Monitoring view


Cause for the issue is the Access Token URL return the token_type as 'Bearer' with uppercase B


OAuth 2.0 authentication of Event Notification supports token_type only 'bearer'.

Please generate the access token response, with token_type as 'bearer' starting with lowercase b

In the higher release of SAP Business bydesign, it will be enhanced to consider both 'Bearer' and 'bearer'


event notification, bearer, authentication, Oauth 2.0 , KBA , AP-RC-OUT-EVT , ByD: Event Notifications , Problem


SAP Business ByDesign all versions