SAP Knowledge Base Article - Public

3605060 - 2025 1H: New Permission "Request OpenID Connect Token Request OpenID Connect Token for Outbound API Calls" showing in RBP

Symptom

After 1H 2025 Release, the new permission User Permissions > General User Permission > Request OpenID Connect Token Request OpenID Connect Token for Outbound API Calls was added to RBP

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental. 

Environment

SAP SuccessFactors HCM Suite

  • Odata API login

Resolution

This permission will not affect the login function of the SF Odata API. The SF Odata API query is an inbound request. This permission is only used for outbound requests from SF and allows the user to get an token to call other application.

Permission Details:

This permission can obtain an OIDC token through SAP SuccessFactors. This token is used to authenticate outbound API calls to external applications using Identity Authentication as the Identity Provider, this permission lays the groundwork for upcoming enhancements that will improve outbound OIDC communication, enabling integrations with external applications such as UI5Flex services, BTP mobile services, and Joule. Additional details on these enhancements will be provided in future announcements.

See Also

New Role-Based Permission for Requesting OpenID Connect Tokens for Outbound API Calls | SAP Help Portal

Keywords

Role-Based Permission, OpenID Connect Tokens, Outbound API Calls, OData API Framework, IAS user identity verification, Oauth 2.0 login authentication, PLT-86030 , KBA , LOD-SF-INT-ODATA , OData API Framework , Problem

Product

SAP SuccessFactors Platform all versions