Symptom
With the upgrade to the new OAuth 2.0 implementation, SAP Commerce Cloud has removed the less secure Password Flow and Implicit Flow and replaced them with stricter classifications for Confidential Clients and Public Clients. Because the new version enforces mandatory client validation rules, this article introduces the updated OAuthClientDetails validation rules, configuration adjustments, and default value changes, and suggests considering "dry run" mode for a smoother migration.
"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."
Environment
SAP Commerce Cloud JDK 21
Product
Keywords
OAuth 2.0, Confidential Clients, Public Clients, PKCE (Proof Key for Code Exchange), OAuthClientDetails, Validation, Grant Types, flow, KBA, CEC-SCC-PLA-PL, Platform, Product Enhancement
About this page
This is a preview of a SAP Knowledge Base Article.