diff --git a/sap-extensions/v2.0-extensions.json b/sap-extensions/v2.0-extensions.json index d0b5cd9..801b9c6 100644 --- a/sap-extensions/v2.0-extensions.json +++ b/sap-extensions/v2.0-extensions.json @@ -6,6 +6,10 @@ { "paths": ["definitions.schema.properties"], "properties": { + "x-sap-oauth-body-parameter": { + "$ref": "#/definitions/schema", + "description": "To describe additional authentication parameters to be passed during oauth authentication flow." + }, "x-sap-odm-semantic-key": { "type": "array", "description": "Semantic key is a human-readable identifier used exclusively for the purpose of identifying business objects by the end-user.", diff --git a/sap-extensions/v3.0-extensions.json b/sap-extensions/v3.0-extensions.json index bf0b686..6eb0302 100644 --- a/sap-extensions/v3.0-extensions.json +++ b/sap-extensions/v3.0-extensions.json @@ -6,6 +6,10 @@ { "paths": ["definitions.Schema.properties"], "properties": { + "x-sap-oauth-body-parameter": { + "$ref": "#/definitions/Schema", + "description": "To describe additional authentication parameters to be passed during oauth authentication flow." + }, "x-sap-odm-semantic-key": { "type": "array", "description": "Semantic key is a human-readable identifier used exclusively for the purpose of identifying business objects by the end-user.", diff --git a/sap-schemas/v2.0/README.md b/sap-schemas/v2.0/README.md index 9c66729..872904e 100644 --- a/sap-schemas/v2.0/README.md +++ b/sap-schemas/v2.0/README.md @@ -30,6 +30,53 @@ Constraints: - OPTIONAL +### `x-sap-oauth-body-parameter` + +- Type: `Object` +- Used at: [OpenAPI Object](https://spec.openapis.org/oas/v3.0.3#oauth-flow-object) (root level) +- Description: To describe additional authentication parameters to be passed during oauth authentication flow. +- Example: + +```json +{ + "components": { + "securitySchemes": { + "oauth2": { + "type": "oauth2", + "flows": { + "clientCredentials": { + "tokenUrl": "https://your-auth-server/oauth/token", + "scopes": { + "api:read": "Read access", + "api:write": "Write access" + }, + "x-sap-oauth-body-parameter": { + "description": "The additional parameter to be passed during oauth authentication", + "schema": { + "type": "object", + "properties": { + "resource": { + "type": "string", + "description": "dentifies the target API for which the token is being requested. Ensures the token is audience-bound to this specific API. Value format: urn:sap:identity:application:provider:name:public_api:{clientId}", + "pattern": "urn:sap:identity:application:provider:name:public_api:{clientId}" + }, + "tenantId": { + "type": "string", + "description": "Tenant identifier. Required for multi-tenant deployments.", + "pattern": "^[a-zA-Z0-9_-]+$", + "example": "my-tenant-id" + } + } + } + } + } + } + } + } + } +} +``` + ### `x-sap-shortText` - Type: `String` diff --git a/sap-schemas/v2.0/schema.json b/sap-schemas/v2.0/schema.json index ff0ffa3..dda86f9 100644 --- a/sap-schemas/v2.0/schema.json +++ b/sap-schemas/v2.0/schema.json @@ -1338,6 +1338,10 @@ "default": true, "description": "Property contains potentially sensitive personal data. Sensitive personal data is a category of personal data that needs special handling. The determination which personal data is sensitive may differ for different legal areas or industries. Examples of sensitive personal data: 1. Special categories of personal data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or sex life or sexual orientation. 2. Personal data subject to professional secrecy. 3. Personal data relating to criminal or administrative offenses. 4. Personal data concerning insurances and bank or credit card accounts." }, + "x-sap-oauth-body-parameter": { + "$ref": "#/definitions/schema", + "description": "To describe additional authentication parameters to be passed during oauth authentication flow." + }, "x-sap-odm-semantic-key": { "type": "array", "description": "Semantic key is a human-readable identifier used exclusively for the purpose of identifying business objects by the end-user.", diff --git a/sap-schemas/v3.0/README.md b/sap-schemas/v3.0/README.md index bf89fc8..556ced5 100644 --- a/sap-schemas/v3.0/README.md +++ b/sap-schemas/v3.0/README.md @@ -30,6 +30,57 @@ Constraints: - OPTIONAL +### `x-sap-oauth-body-parameter` + +- Type: `Object` +- Used at: [OpenAPI Object](https://spec.openapis.org/oas/v3.0.3#oauth-flow-object) (root level) +- Description: To describe additional authentication parameters to be passed during oauth authentication flow. +- Example: + +```json +{ + "components": { + "securitySchemes": { + "oauth2": { + "type": "oauth2", + "flows": { + "clientCredentials": { + "tokenUrl": "https://your-auth-server/oauth/token", + "scopes": { + "api:read": "Read access", + "api:write": "Write access" + }, + "x-sap-oauth-body-parameter": { + "description": "The additional parameter to be passed during oauth authentication", + "schema": { + "type": "object", + "properties": { + "resource": { + "type": "string", + "description": "dentifies the target API for which the token is being requested. Ensures the token is audience-bound to this specific API. Value format: urn:sap:identity:application:provider:name:public_api:{clientId}", + "pattern": "urn:sap:identity:application:provider:name:public_api:{clientId}" + }, + "tenantId": { + "type": "string", + "description": "Tenant identifier. Required for multi-tenant deployments.", + "pattern": "^[a-zA-Z0-9_-]+$", + "example": "my-tenant-id" + } + } + } + } + } + } + } + } + } +} +``` + +Constraints: + +- OPTIONAL + ### `x-sap-shortText` - Type: `String` diff --git a/sap-schemas/v3.0/schema.json b/sap-schemas/v3.0/schema.json index 76b86f7..253d5d0 100644 --- a/sap-schemas/v3.0/schema.json +++ b/sap-schemas/v3.0/schema.json @@ -731,6 +731,10 @@ "default": true, "description": "Property contains potentially sensitive personal data. Sensitive personal data is a category of personal data that needs special handling. The determination which personal data is sensitive may differ for different legal areas or industries. Examples of sensitive personal data: 1. Special categories of personal data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or sex life or sexual orientation. 2. Personal data subject to professional secrecy. 3. Personal data relating to criminal or administrative offenses. 4. Personal data concerning insurances and bank or credit card accounts." }, + "x-sap-oauth-body-parameter": { + "$ref": "#/definitions/Schema", + "description": "To describe additional authentication parameters to be passed during oauth authentication flow." + }, "x-sap-odm-semantic-key": { "type": "array", "description": "Semantic key is a human-readable identifier used exclusively for the purpose of identifying business objects by the end-user.",