Scribd
Upload
177 views

PI REST Adapter - Connect To Concur

This document discusses how to connect to the Concur travel and expense management API using the SAP Process Integration (PI) REST adapter. It provides three options for handling authentication with Concur: 1) passing an access token via a custom HTTP header, 2) providing the access token directly in the OAuth configuration, or 3) automatically retrieving an access token from Concur's token service URL. The document includes steps for configuring a REST receiver channel in the PI adapter for each authentication option.

Uploaded by

prn1008
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
177 views

PI REST Adapter - Connect To Concur

This document discusses how to connect to the Concur travel and expense management API using the SAP Process Integration (PI) REST adapter. It provides three options for handling authentication with Concur: 1) passing an access token via a custom HTTP header, 2) providing the access token directly in the OAuth configuration, or 3) automatically retrieving an access token from Concur's token service URL. The document includes steps for configuring a REST receiver channel in the PI adapter for each authentication option.

Uploaded by

prn1008
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

PI REST Adapter - Connect to Concur

This blog is part of a collection of blog entries that shows architectural concepts and configuration of the SAP
PI REST Adapter. We also added some sample scenarios to make it easier for you to understand how your
scenario can be implemented using the PI REST Adapter.

If you haven’t done so far, best is to start with the very first blog PI Rest Adapter - Don't be afraid
within the blog series covering the concepts of the REST adapter. A complete list of all blog
entries can be accessed from here PI REST Adapter - Blog Overview.
The current blog describes how to connect to Concur - SAP's cloud solution for travel and expense
management - via its REST API. I primarily focus here on how to authenticate to Concur's applications.
Basically, you need an access token which needs to be passed to the API in the request header. Here, Concur
supports different OAuth 2.0 Authorization flows. For message exchange, the so called Native Flow is best
suited. As of release 7.31 SP17 / 7.4 SP12, the REST adapter supports the configuration of the OAuth 2.0
Native Flow for Concur. Alternatively, if you are not on the latest SP, you can pass the access token in the http
header by defining custom http header. This however needs at least 7.31 SP15 / 7.4 SP10, see also PI REST
Adapter - Define custom http header elements. In this blog I will describe all options.

Preparation
If you like to get familiar with Concur's REST API, you can create your own developer sandbox at Concur
Developer Center. There, you also find the API reference guide. If you sign up for a new sandbox, in the
welcome page you get the consumer key, the consumer secret, and the access token of your account
displayed. You need them to authenticate to your sandbox when calling the APIs. If you aren't able to recall
them, or you need to refresh them, you can navigate to Administration --> Company --> Web Services, and
select Register Partner Application.

Here, you can either create a new Application Registration or modify the existing one. If you have chosen
Modify, you can display the consumer key, and the consumer secret or create a new secret.

Generated by Jive on 2016-10-02Z


1
PI REST Adapter - Connect to Concur

If you cannot recall the access token, you can request a new one using the Advanced Rest Client application
in your Chrome browser by calling the token service of Concur, i.e., https://www.concursolutions.com/net2/
oauth2/accesstoken.ashx. In the header, specify the consumer key (header element X-ConsumerKey), when
prompted maintain user and password. In the response of the call, a new access token is provided as well as
its expiration date. Usually, the access token is valid for one year.

Generated by Jive on 2016-10-02Z


2
PI REST Adapter - Connect to Concur

In the following, let's focus on the configuration of the receiver channel.

Configuring the REST receiver channel


You would like to access travel expenses from Concur. Create a new Integration Flow with receiver channel of
type REST. Select the receiver channel, and switch to tab REST URL below tab Adapter-Specific. Maintain the
URL Pattern, here https://www.concursolutions.com/api/v3.0/expense/quickexpenses.

Generated by Jive on 2016-10-02Z


3
PI REST Adapter - Connect to Concur

As mentioned above, we do support different options for handling the access token in order to authenticate and
authorize at Concur's APIs:

Option 1: Provide access token via custom header


If you are not yet on release 7.31 SP17 / 7.4 SP12 but at least on 7.31 SP15 / 7.4 SP10, you only have one
option which is maintaining the access token using the custom http header capability of the REST adapter.
Once you request a new access token from Concur's token service, it is usually valid for one year. This means,
you need to ensure that you replace the access token before it expires. This is a manual process: Get a new
access token by calling the token service via the Advanced Rest Client application in the Chrome browser as
shown above for instance; Then, maintain the channel, and re-activate the same.

Maintain the receiver channel as follows. Switch to tab General below tab Adapter-Specific. Here, you don't
need to choose any authentication nor OAuth settings.

Switch to tab HTTP Headers, and add a new entry into the table with Header Name Authorization and Value
Pattern OAuth <your access token>.

Generated by Jive on 2016-10-02Z


4
PI REST Adapter - Connect to Concur

Option 2: Provide access token directly


If you are already on release 7.31 SP17 / 7.4 SP12 or above, you have the option to maintain the access token
as part of the OAuth authorization settings. This more or less corresponds to option 1 in the sense that you
need to maintain a valid access token. The same applies here with respect to the lifecycle of the access token
and channel: you need to ensure to exchange the access token before it expires.

Maintain the receiver channel as follows. Switch to tab General below tab Adapter-Specific. Check flag
Authorize with OAuth. From the drop down menus select the Flow OAuth 2.0 Native Flow for Concur and the
Access Token Source Provide Access Token directly. As Access Token parameter maintain your valid access
token.

Generated by Jive on 2016-10-02Z


5
PI REST Adapter - Connect to Concur

Switch to tab HTTP Headers. As you can see, there is no need to maintain any custom http header, at least not
for the authentication towards Concur.

Generated by Jive on 2016-10-02Z


6
PI REST Adapter - Connect to Concur

Option 3: Get access token from Concur token service


If you are already on release 7.31 SP17 / 7.4 SP12 or above, the preferred option would be to get the access
token from Concur's token service. If you choose this option, the access token is automatically requested from
the token service and stored on PI. As long as the access token is valid, it is used for authentication during
the message exchange. Otherwise, a new access token is automatically requested replacing the expired one.
Here, no manual activity is required for refreshing the access token.
Maintain the receiver channel as follows. Switch to tab General below tab Adapter-Specific. Check flag
Authorize with OAuth. From the drop down menus select the Flow OAuth 2.0 Native Flow for Concur
and the Access Token Source Get Access Token from Concur URL. The Access Token URL https://
www.concursolutions.com/net2/oauth2/accesstoken.ashx is automatically pre-set. Maintain your Login ID and
Password, and your Consumer Key. Like in option 2, no need to maintain any custom http header.

I hope this blog was helpful to understand how to authenticate to Concur's REST API. If you like to learn more,
check out the other blogs in the series, accessible from the main blog PI REST Adapter - Blog Overview.

Generated by Jive on 2016-10-02Z


7

You might also like