Saviynt Forums

@ghrk 

The create for SAP will work thru the Saviynt. I also worked on SAP concur integration and was able to get the createAccount working. 

If you are able to get the account created thru postman then you should be able to create it through Saviynt. 

@rushikeshvartak 

{
"accountIdPath": "call1.message.id",
"call": [
{
"name": "call1",
"connection": "acctAuth",
"url": "https://xyz/Users",
"httpMethod": "POST",
"httpParams": "{\"schemas\":[\"urn:ietf:params:scim:schemas:core:2.0:User\"],\"emails\":[{ \"value\":\${user.email}\",\"type\": \"work\"}],\"active\":true,\"userName\":\"${user.email}\",\"name\":{\"formatted\":\"abc\",\"familyName\":\"abc\",\"givenName\":\"abc\"},\"urn:ietf:params:scim:schemas:extension:spend:2.0:User\":{\"ledgerCode\":\"abc\",\"country\":\"US\",\"locale\":\"en_US\",\"reimbursementCurrency\":\"USD\",\"customData\": [ {\"id\":\"custom21\",\"value\":\"US\"}, {\"id\":\"orgUnit1\",\"value\":\"xyz\"},{\"id\":\"custom20\",\"value\":\"xyz\"},{\"id\":\"orgUnit4\",\"value\":\"xyz\"},{\"id\":\"orgUnit2\",\"value\":\"xyz\"},{\"id\":\"custom1\",\"value\":\"apitest@xyz.com\"}]},\"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User\":{\"employeeNumber\":\"${user.email}\", \"companyId\":\"xyz\"},\"urn:ietf:params:scim:schemas:extension:spend:2.0:Role\":{\"roles\":[{\"roleName\": \"role1\"},{\"roleName\": \"role2\"},{\"roleName\": \"role3\"},{\"roleName\": \"role4\"}]}}",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"successResponses": {
"statusCode": [
200
]
},
"unsuccessResponses": {
"statusCode": [
400,
401,
404,
500,
501,
502,
503,
504
]
}
}
]
}

Hi @Rajatlm10 @haardik_verma 

We are also looking for concur integration, just wanted to confirm if create account and adding access (roles/entitlements) supported or not. Were you able to implement these use cases successfully. We are on version 24.5. Thank You!

@haardik_verma Thank you for providing the details.
@rushikeshvartak Provided Feedback on the documentation.

Hi @haardik_verma @rushikeshvartak 

Our customer has created a sandbox environment, I tried using Application Integration, what is the x-consumer key, is it client secret?

can you please confirm which authentication should we use, is it Authorization grant or Password Grant. Can you please share a sample connection JSON if we can use Authorization Grant. Thank you for help and support. 

[This post has been edited by a Moderator to remove sensitive information.]

@rushikeshvartak Thank for quick response. So, we can update the connection JSON after the connection is created accordingly with the grant type we are using.

Because the application onboarding only has username and password options but with authorization grant, we need to provide access and refresh tokens. Can you please review below connection JSON for authorization grant, based on SAP Concur Developer Center | Authentication I think we don't need Authorization in "httpHeaders":

{
"authentications": {
"acctAuth": {
"authType": "oauth2",
"url": "https://*****.api.concursolutions.com",
"httpMethod": "POST",
"httpParams": {
"grant_type": "refresh_token",
"refresh_token": "${refresh_token}"
},
"httpHeaders": {
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": "Basic xxxxxxyyyyyyyyzzzzzz"
},
"httpContentType": "application/x-www-form-urlencoded",
"expiryError": "ExpiredAuthenticationToken",
"authError": [
"USER_AUTHENTICATION_FAILED",
"PARTNER_AUTHENTICATION_FAILED",
"AuthenticationFailed"
],
"refreshType": "RefreshToken",
"refreshTokenResponsePath":"refresh_token",
"refreshToken":"xxxxxxyyyyyyyyzzzzzz",
"timeOutError": "Read timed out",
"errorPath": "errorCode",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"retryFailureStatusCode": [
401
],
"accessToken":"Bearer xxxxxxyyyyyyyyzzzzzz"
}
}
}

[This post has been edited by a Moderator to remove sensitive information.]

@rushikeshvartak Provided feedback. Thank you!