SAP Release Manager

1H 2025 Edit

Deprecation of OAuth IdP API /oauth/idp

Deprecated Required Automatically On Impact: High AI Enriched

Description

The OAuth IdP API /oauth/idp will reach end of development on December 9, 2022 and will be deleted on May 14, 2027.See More

Detailed Description

The OAuth IdP API /oauth/idp is being deprecated and will be deleted on May 14, 2027. This API was previously used to generate SAML assertions for authentication but is considered unsafe because it requires users to pass private keys through an API call. SAP is encouraging customers to adopt secure alternative methods for generating SAML assertions, such as OpenID Connect (OIDC) or other secure authentication methods.

Impact Assessment

Organizations currently using the /oauth/idp API for SAML assertion generation must plan migration to alternative authentication methods before May 14, 2027. End of Development occurred on December 9, 2022, and End of Maintenance on June 2, 2023, meaning no further bug fixes or patches will be provided. Customers should begin planning immediately to adopt secure alternatives such as OpenID Connect (OIDC) or other secure SAML assertion generation methods to avoid service disruption.

Test Recommendations

• Identify all current implementations using the /oauth/idp API within your SuccessFactors environment • Evaluate and test alternative authentication methods such as OpenID Connect (OIDC) or secure SAML assertion generation methods • Validate that alternative solutions meet your security and business requirements • Plan and execute migration from /oauth/idp to the chosen alternative method before May 14, 2027

Product: Platform

Modules: Integration and Extension

Feature: API

Reference: API-23511

Version: 1H 2023; 1H 2024; 1H 2025; 1H 2026; 1H 2027; 2H 2022; 2H 2023; 2H 2024; 2H 2025; 2H 2026

Valid as Of: May 14, 2027

Latest Revision: Jul 18, 2025

SAP Documentation

Affected Areas:

Integration and Extension API Authentication SAML Assertion Generation