2H 2020 announcement: Planned Retirement of HTTP Basic Authentication (SFAPI/ODATA API)
Hello SAP community,
With the 2H 2020 Release of SAP SuccessFactors application, we are announcing the sunset (planned retirement) of HTTP Basic Authentication for API calls (both SFAPI & OData).
Share the information with customers and partners, so new custom development integrations can already starting use OAuth instead of HTTP Basic Authentication (username/password).
Key Dates for Replacement
End of Development Phase: As of the 2H 2020 release, no enhancement will be made for HTTP Basic Authentication.
End of Maintenance: By 2H 2021, we’ll stop the maintenance for HTTP Basic Authentication.
Replacement Date: By 2H 2022, you’ll no longer be able to use HTTP Basic Authentication to access APIs.
Migrating to OAuth
We recommend that you use OAuth to authenticate API users for better security.
For more information, see the Authentication Using OAuth 2.0 topic under SAP SuccessFactors HXM Suite OData API: Developer Guide.
The SAP SuccessFactors support and engineering team will be answering questions in these communities above.
NOTE: Existing customers consuming APIs prior to 1H 2021 release will be able to use Basic Authentication for SFAPI & OData API till 2H 2022. However, post 2H 2022, basic auth would no longer be supported. However, new customers who are going to start consuming SFAPI or OData API post 1H 2022 release, can only use OAuth for SFAPI and OData API calls.
As mentioned earlier, no action is required from you before 2H 2020 release. However, we encourage you to plan early for the migration. After the announcement, you have until the 2H 2022 Release to move all your custom integration from Basic Authentication to OAuth.
This blog post shared the announcement and the right channels to get more information.