Establishing a Connection
The objects available within our connector are accessible from the "cdata.saparibaprocurement" module. To use the module's objects directly:
- Import the module as follows:
import cdata.saparibaprocurement as mod
- To establish a connection string, call the connect() method from the connector object using an appropriate connection string, such as:
mod.connect("ANID=AN02000000280;API=PurchaseOrdersBuyerAPI-V1;APIKey=wWVLn7WTAXrIRMAzZ6VnuEj7Ekot5jnU;AuthScheme=OAuthClient;InitiateOAuth=GETANDREFRESH;OAuthClientId=testClient;OAuthClientSecret=testClientSecret;UseSandbox=false;")
Connecting to SAP Ariba
Set the following to connect:
- ANID: Your Ariba Network ID.
- API: Specify which API you would like the connector to retrieve SAP Ariba data from. Select the Buyer or Supplier API based on your business role.
- Environment: The development environment to use when connecting.
Authenticating to SAP Ariba
Authentication to SAP Ariba APIs is handled via OAuth. SAP Ariba's OAuth flow requires no user interaction.
OAuthClient
Set the AuthScheme to OAuthClient.
You need to register an application with the service to obtain the APIKey, OAuthClientId and OAuthClientSecret.
See Creating a Custom OAuth App for information about creating an application.
InitiateOAuth defaults to GETANDREFRESH for the OAuthClient authentication scheme.
Automatic OAuth
Get and Refresh the OAuth Access Token
After setting the following, you are ready to connect:
- APIKey: The Application key in your app settings.
- OAuthClientId: The OAuth Client Id in your app settings.
- OAuthClientSecret: The OAuth Secret in your app settings.
When you connect, the connector automatically completes the OAuth process:
- The connector obtains an access token from SAP Ariba and uses it to request data.
- The connector refreshes the access token automatically when it expires.
- The OAuth values are saved in memory relative to the location specified in OAuthSettingsLocation.
Manual OAuth
Get an OAuth Access Token
Set the following connection properties to obtain the OAuthAccessToken:
- APIKey: The Application key in your app settings.
- OAuthClientId: The OAuth Client Id in your app settings.
- OAuthClientSecret: The OAuth Secret in your app settings.
Then call the GetOAuthAccessToken stored procedure. Set the GrantType input to client_credentials or openapi_2lo (available for legacy users). If not specified, GrantType defaults to client_credentials.
After you have obtained the access and refresh tokens, you can connect to data and refresh the OAuth access token either automatically or manually.
Automatic Refresh of the OAuth Access Token
To have the connector automatically refresh the OAuth access token, set the following on the first data connection.
- InitiateOAuth: REFRESH.
- APIKey: The Application key in your app settings.
- OAuthClientId: The OAuth Client Id in your app settings.
- OAuthClientSecret: The OAuth Secret in your app settings.
- OAuthAccessToken: The access token returned by GetOAuthAccessToken.
- OAuthRefreshToken: The refresh token returned by GetOAuthAccessToken.
Manual Refresh of the OAuth Access Token
The only value needed to manually refresh the OAuth access token when connecting to data is the OAuth refresh token. Use the RefreshOAuthAccessToken stored procedure to manually refresh the OAuthAccessToken after the ExpiresIn parameter value returned by GetOAuthAccessToken has elapsed, then set the following connection properties:
- APIKey: The Application key in your app settings.
- OAuthClientId: The OAuth Client Id in your app settings.
- OAuthClientSecret: The OAuth Secret in your app settings.
Then call RefreshOAuthAccessToken with OAuthRefreshToken set to the OAuth refresh token returned by GetOAuthAccessToken. After the new tokens have been retrieved, open a new connection by setting the OAuthAccessToken property to the value returned by RefreshOAuthAccessToken.
Finally, store the OAuth refresh token so that you can use it to manually refresh the OAuth access token after it has expired.