SAP Knowledge Base Article - Public

3272003 - Error Message When Changing the Authentication Method of Event Notification from Basic to OAuth

Symptom

When you change the authentication method from one of the event notification from "User ID and Password" (Basic Authentication) to "OAuth 2.0". System throws below error message:

<!doctype html>

<html lang="en">

<head>

<title>HTTP Status 403 – Forbidden</title>

<style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style>

</head>

<body>

<h1>HTTP Status 403 – Forbidden</h1>

</body>

</html>

Environment

SAP Business Bydesign

Reproducing the Issue

1. Go to Application and User Management work center

2. Event Notification Monitoring view

Cause

Cause for the issue is the Access Token URL return the token_type as 'Bearer' with uppercase B

Resolution

OAuth 2.0 authentication of Event Notification supports token_type only 'bearer'.

Please generate the access token response, with token_type as 'bearer' starting with lowercase b

In the higher release of SAP Business bydesign, it will be enhanced to consider both 'Bearer' and 'bearer'

Keywords

event notification, bearer, authentication, Oauth 2.0 , KBA , AP-RC-OUT-EVT , ByD: Event Notifications , Problem

Product

SAP Business ByDesign all versions