Does SAP S/4HANA on Premise support outbound communication with OAuth 2.0 client_Credentials to send an IDoc (or whatever) via http to an OAuth 2.0 protected endpoint?
The question is probably very simple but it seems like SAP is trying to do everything to hide the answer if you do not want to pay a lot of money.
Thanks in advance.
Yes, indeed, it supports.
Here is the detailed guide how to do this with the sample implementation scenarios:
https://wiki.scn.sap.com/wiki/display/Security/OAuth+2.0+-+Integrating+access+protected+web+services+using+the+OAuth+2.0+Client
The core component of communication through OAuth is an OAuth 2.0 Client which is available since ABAP 740 and on all subsequent S4HANA releases, tcode
OA2C_CONFIG
.For sending IDocs you should create HTTP destination with OAuth authentication in HANA SM59 and send IDocs to it in XML form (described here).
Creation of OAuth HTTP destination:
/oauth/token?grant_type=client_credentials
in the Path Prefix field.(source: sap.com)
Choose Basic Authentication.
In the User field, enter your client ID from the Service Key
In the Password field, enter your client secret from the Service Key
(source: sap.com)
Choose Active in the SSL option.
Choose DFAULT SSL Client (Standard) in the SSL Certificate dropdown list.
(source: sap.com)
For consuming the OAuth-protected APIs in ABAP program you need to create OAuth Client profile with some additional steps. The communication model will be the following:
Here is the detailed example of implementation:
https://wiki.scn.sap.com/wiki/display/Security/Access+Google+APIs+using+the+OAuth+2.0+Client+API.
Due to the abundance of integration scenarios it's difficult to describe them all, every configuration is different.
P.S. Some of the points about S4Hana communication config were already given by me in your question 6 months ago.