TDV Adapter for SAP Concur

Build 22.0.8462

Creating a Custom OAuth App

SAP Concur uses the OAuth authentication standard, which requires the authenticating user to interact with SAP Concur via the browser. The adapter facilitates the OAuth exchange in various ways as described below.

Register an OAuth Application

You can follow the procedure below to obtain the OAuth client credentials, the OAuthClientId and OAuthClientSecret.

  1. In order to obtain an access token, you need to register an application with SAP Concur. You can do this by contacting your Partner Enablement Manager or Partner Account Manager. Once you have registered an application, you will receive a clientId which will be your OAuthClientId, clientSecret which will be your OAuthClientSecret and geolocation.
  2. Select the APIs that your app will request permission to access. For full driver functionality, you must select : Notifications - View and manage notifications, Supplier Service - Get Supplier Data, Digital Tax Invoice - Get or Validate Digital Tax Invoices, Attendee List - Add, Update, or Inactivate Attendees, Expense Configuration - Update Expense Feature Configuration, E-Receipts Provider - Post receipts and invoices, get matching facts, Expense Report - Add, Approve, or Update Expense Reports, Extract - Request Extract of Available Data, Imaging - Add or Retrieve Report and Line Item Images, Insights - Additional services marketable to users, Itinerary - Add or Update Itineraries or Bookings, List Items - Add, Update, or Delete List Items, Meeting - Attendee Travel Booking, Payment Batch - Close Batches and Request Batch Export Files, Travel Profile - Access and update user travel profile information, Travel Request - Add, Update or Delete Travel Requests, Travel Approval - Approve or Reject Travel Itineraries, Users- Add or Update User Accounts

Authenticate to SAP Concur

In order to obtain a token, the client application needs to call the Oauth2 endpoint using various grants depending on the authentication scenarios required. The supported scenarios from our driver are CODE and PASSWORD grant type. The default OAuthGrantType is CODE, which requires you to follow the steps below. After setting the following connection properties, you are ready to connect:

  • OAuthClientId: Set this to your clientId.
  • OAuthClientSecret: Set this to your clientSecret.
  • InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken connection property.
  • AuthScheme: This is by default OAuth which uses the CODE grant type. If you wish to authenticate with PASSWORD grant type flow see Authentication with Password grant type
  • UseSandbox: Set this to true if you are authenticating using an implementation server.
  • Region: Set this to the region of geolocation received along with the other credentials. Possible values are EU for Europe, CN for China and US. Its default value is US.
When you connect, the adapter completes the OAuth process:
  1. Extracts the access token from the CallbackURL.
  2. Obtains a new access token when the old one expires.
  3. Saves OAuth values along with geolocation in OAuthSettingsLocation to be persisted across connections.

Copyright (c) 2023 CData Software, Inc. - All rights reserved.
Build 22.0.8462