Excel Add-In for SAP Concur

Build 25.0.9434

Establishing a Connection

Configure a Connection Profile

From the CData ribbon, click Get Data and select From SAP Concur connection/s to launch the CData Query window. To setup a new connection, you will have to click the New SAP Concur Connection button. Here you can set the connection settings, test the connection, and save the connection profile.

Authenticating to SAP Concur

SAP Concur supports OAuth authentication only. To enable this authentication from all OAuth flows, you must set AuthScheme to OAuth, and you must create a custom OAuth application.

Desktop Applications

To authenticate with the credentials for a custom OAuth application, you must get and refresh the OAuth access token. After you do that, you are ready to connect.

Get and refresh the OAuth access token:

When you connect, the add-in opens SAP Concur's OAuth endpoint in your default browser. Log in and grant permissions to the application.

When the access token expires, the add-in refreshes it automatically.

Note: For information about OAuth Flows, and how Desktop client applications call the OAuth 2.0 endpoint to obtain a token, see "Desktop Authentication Flows", later in this chapter.

Desktop Authentication Flows

To obtain a token, the client application needs to call the OAuth 2.0 endpoint using different flows, depending on the authentication scenarios required. The supported flows are CODE and PASSWORD.

OAuth (CODE Grant Flow)

To authenticate using the CODE grant flow, set the following connection properties:

  • AuthScheme: OAuth
  • UseSandbox: If you are authenticating via an implementation server, set this to True.
  • Region: The region of geolocation, received along with the other credentials. Possible values are EU for Europe, CN for China and US (default).

OAuthPassword (PASSWORD Grant Flow)

To authenticate using the PASSWORD grant flow, set the following connection properties:

Company-Level Authentication

Company is a top-level principal within the SAP Concur platform. You can obtain an access token and a refresh token on a Company's behalf the same way you can do it for a User.

To authenticate on behalf of a company, you must set the following properties:

  • AuthScheme: CompanyLevelAuth.
  • CompanyId: The Company's unique identifier.
  • CompanyRequestToken: The generated Company Request Token.
  • OAuthClientId: The client Id assigned when you registered your custom OAuth application.
  • OAuthClientSecret: The client secret assigned when you registered your custom OAuth application.
  • UseSandbox: If you are authenticating using an implementation server, set this to True.

After creating an custom OAuth application as described in Creating a Custom OAuth Application, you must generate a Company Request Token. If the Company Request Token Tool is available, you can use that. Otherwise, you must contact the SAP Concur support team for generating the Company Request Token.

After the Company Request Token is generated successfully, the request token tool displays the Company UUID and the Company Request Token. Save these values for later use.

Using the SAP Concur Login ID Variable

Login ID (the user's login ID) can be used if the user account associated with the OAuth 2.0 access token has a Concur account with one of the following roles:
  • Web Services Administrator for Professional
  • Can Administer for Standard

Setting Login ID to ALL retrieves information for all accounts that support the Login ID argument.

Connection Properties

The Connection properties describe the various options that can be used to establish a connection.

Managing Connections

After successfully authenticating to SAP Concur you will be able to customize the data you are importing. To learn more about this, see Managing Connections.

See Also

Copyright (c) 2025 CData Software, Inc. - All rights reserved.
Build 25.0.9434