Establishing a Connection
Connecting to SAP Ariba
Set the following to connect:
- API: Specify which API you would like the provider to retrieve SAP Ariba data from. Select the Supplier, Sourcing Project Management, or Contract API based on your business role.
- DataCenter: The data center where your account's data is hosted.
- Realm: The name of the site you want to access.
- Environment: Indicate whether you are connecting to a test, sandbox, or production environment.
If you are connecting to the Supplier Data API or the Contract API, additionally set the following:
- User: Id of the user on whose behalf API calls are invoked.
- PasswordAdapter: The password associated with the authenticating User.
Finally, if you're connecting to the Supplier API, set ProjectId to the Id of the sourcing project you want to retrieve data from.
Authenticating to SAP Ariba
Authentication to SAP Ariba APIs is handled via OAuth. SAP Ariba's OAuth flow requires no user interaction.
OAuthClient
Set the AuthScheme to OAuthClient.
You need to register an application with the service to obtain the APIKey, OAuthClientId and OAuthClientSecret.
See Creating a Custom OAuth App for information about creating an application.
InitiateOAuth defaults to GETANDREFRESH for the OAuthClient authentication scheme.
Automatic OAuth
Get and Refresh the OAuth Access Token
After setting the following, you are ready to connect:
- APIKey: The Application key in your app settings.
- OAuthClientId: The OAuth Client Id in your app settings.
- OAuthClientSecret: The OAuth Secret in your app settings.
When you connect, the provider automatically completes the OAuth process:
- The provider obtains an access token from SAP Ariba and uses it to request data.
- The provider refreshes the access token automatically when it expires.
- The OAuth values are saved in memory relative to the location specified in OAuthSettingsLocation.
Manual OAuth
Get an OAuth Access Token
Set the following connection properties to obtain the OAuthAccessToken:
- APIKey: The Application key in your app settings.
- OAuthClientId: The OAuth Client Id in your app settings.
- OAuthClientSecret: The OAuth Secret in your app settings.
Then call the GetOAuthAccessToken stored procedure. Set the GrantType input to client_credentials or openapi_2lo (available for legacy users). If not specified, GrantType defaults to client_credentials.
After you have obtained the access and refresh tokens, you can connect to data and refresh the OAuth access token either automatically or manually.
Automatic Refresh of the OAuth Access Token
To have the provider automatically refresh the OAuth access token, set the following on the first data connection.
- InitiateOAuth: REFRESH.
- APIKey: The Application key in your app settings.
- OAuthClientId: The OAuth Client Id in your app settings.
- OAuthClientSecret: The OAuth Secret in your app settings.
- OAuthAccessToken: The access token returned by GetOAuthAccessToken.
- OAuthRefreshToken: The refresh token returned by GetOAuthAccessToken.
Manual Refresh of the OAuth Access Token
The only value needed to manually refresh the OAuth access token when connecting to data is the OAuth refresh token. Use the RefreshOAuthAccessToken stored procedure to manually refresh the OAuthAccessToken after the ExpiresIn parameter value returned by GetOAuthAccessToken has elapsed, then set the following connection properties:
- APIKey: The Application key in your app settings.
- OAuthClientId: The OAuth Client Id in your app settings.
- OAuthClientSecret: The OAuth Secret in your app settings.
Then call RefreshOAuthAccessToken with OAuthRefreshToken set to the OAuth refresh token returned by GetOAuthAccessToken. After the new tokens have been retrieved, open a new connection by setting the OAuthAccessToken property to the value returned by RefreshOAuthAccessToken.
Finally, store the OAuth refresh token so that you can use it to manually refresh the OAuth access token after it has expired.