APIs for SAP SaaS applications
In this blog, we will be covering the integration options available with listed SAP SaaS systems via APIs. It is always time-consuming for a developer to refer, test and implement the standard API documents so the objective of this blog is to keep everything simple and in one place.
Introduction to Web services API
In simple words, API defines a set of rules or methods which allows access to get specific information.
Most often-used types of web service:
- SOAP - is a protocol that defines the communication method, and the structure of the messages. SOAP service publishes a definition of its interface in a machine-readable document, using wsdl – Web Services Definition Language and the data transfer format is XML
- XML-RPC - is an older protocol than SOAP. It uses a specific XML format for data transfer, whereas SOAP allows a proprietary XML format. An XML-RPC call tends to be much simpler, and to use less bandwidth, than a SOAP call
- JSON-RPC - is like XML-RPC, but uses JSON instead of XML for data transfer
- REST - is not a protocol, but rather a set of architectural principles. The thing that differentiates a REST service from other web services is its architecture. Some of the characteristics required of a REST service include simplicity of interfaces, identification of resources within the request, and the ability to manipulate the resources via the interface
In this blog, we will cover below SAP SaaS applications
- SAP Ariba
- SAP FieldGlass
- SAP Concur
- SAP Hybris cloud for customer
- SAP SuccessFactors
We will be using Postman to play around with the APIs.
SAP Ariba
Ariba provides open API portal to integrate 3
rd party applications with SAP Ariba network and SAP Ariba solutions.
The developer portal provides a catalog with a full description of available APIs as described in figure1
Figure 1
Get the developers portal access to develop and manage API applications: Ask company partner admin to provide the developers portal access. URL:
https://developer.ariba.com/api/
Create an application in developer’s portal: Login and go to manage tab, create a new application and enter any relevant name as shown in figure2
Figure 2
Promote the application for productive usage: Request partner admin to get the application approved for Test/Production usage and map the application with the realm of company environment. Once done get the information from partner admin.
- ClientID
- ClientSecret
- Application API key
Get the access token: Once all the information is provided, encode the ClientID and ClientSecret in base 64 format. Post the request as shown in figure 3
- Ariba oauth url: https://api.ariba.com/v2/oauth/token
- Header values: Content-Type: application/x-www-form-urlencoded Authorization: Basic {base64(ClientID:ClientSecret)}
- Body: grant_type=openapi_2lo
- Access and refresh token in response
Figure 3
Consume APIs using access token: After getting the access token, do a GET call as shown in figure 4
- Ariba runtime url:
- Header value: Content-Type: application/xml
- Header value: apiKey: {Application Key}
- Authorization: Bearer {Access Token}
- Response from requested API
Figure 4
Few more examples
https://openapi.ariba.com/api/approval/v1/sandbox/invoices/approve?
https://openapi.ariba.com/api/procurement-reporting-jobresult/v2/sandbox/jobs/Falied?
SAP Fieldglass
Here we will cover the general API information applicable to the SAP Fieldglass REST APIs, how the REST APIs work, how to obtain authentication and authorization to connect to a REST API.
SAP Fieldglass REST APIs use the OAuth 2.0 protocol for authentication and authorization.
To perform GET/POST operations on SAP Fieldglass APIs, gather information from Fieldglass admin
- Fieldglass environment URL
- User credentials = Base64Encoded(user:credential)
- Fieldglass client specific application key
Now, after getting above information from SAP Fieldglass team follow the below steps
Obtain OAUTH token from Fieldglass server as shown in figure5
- URL to get the token: https://{SAP Fieldglass URL}/api/oauth2/v2.0/token?grant_type=client_credentials&response_type=token
- Authorization: Basic {base64(user:credential)}
- X-ApplicationKey: {Provided API key}
- Get Access token in response
Figure 5
Consume APIs using access token: After obtaining the access token, send the token in HTTP header to access SAP FieldGlass REST APIs as shown in figure6
Resource URL for timesheet approvals: This will return all work items for the user
https://<SAP Fieldglass environment URL>/api/v1/approvals/module_TS
Figure 6
Example for approving a timesheet work item:
Figure 7
Few more examples
Job Posting: https://<SAP Fieldglass environment URL>/api/v1/approvals/module_JP
Work Order: https://<SAP Fieldglass environment URL>/api/v1/approvals/module_WO
Expense Sheet: https://<SAP Fieldglass environment URL>/api/v1/approvals/module_ES
Connectors in Fieldglass: For integration, SAP Fieldglass also provides SOAP-based connectors to upload/download the data. For example, timesheet data, expense sheet, worked download, active work order, etc.
To upload/download data via connectors, ask Fieldglass administrator to enable connector by raising SAP ticket and perform SOAP call as shown in figure 8
- URL: https://{FieldGlass_tenant_id}/ws2/services/Connector
- Username and Password: Get the authorized username and password from Fieldglass
- Connector: Provide the connector name
- Response: Get the response data
Figure 8
SAP Concur
Concur uses Oauth 2.0 framework to allow access to the restricted API data. Concur has several APIs, depending on the data that you want to Get/Post.
Here are two main API examples:
- The Travel/Itinerary API (v1.1)allows the user to access a Concur user/company’s itinerary, including hotel/flight booking info
- The Expense API (v3.0)allows the user to get (and push) a Concur user’s expense information, including expense line items, their types (e.g. food, lodging), totals, and even receipt images.
Get application clientID and clientSecret: Before getting an accessToken to consume APIs, register an application with Concur by contacting Partner Enablement Manager or Partner Account Manager. Once the application is registered, note down the clientId, clientSecret, and geolocation.
SAP Concur server URLs
Get Access Token: Now after getting the information from SAP Concur team follow the below steps as shown in figure9
- URL to get the token: https://{SAP Concur Server URL/Geo Location}/oauth2/v0/token
- Body section for POST call:&client_id=<clientId>&client_secret=<clientSecret>&grant_type=password&username=<Username>&password=<Password>
- Header – Content-Type : application/x-www-form-urlencoded;charset=utf-8
- Access token in response
Figure 9
Consume APIs using access token: After obtaining the access token, send the token in HTTP header to access SAP Concur APIs as shown in figure10
API url for user existence check: This will result in, if the mentioned user exists and active or not in the system
https://implementation.concursolutions.com/api/user/v1.0/user?loginID=abc@abc.com
Figure 10
URL to get expense reports: This will result in, all expense reports with the specified approver id
https://implementation.concursolutions.com/api/v3.0/expense/reports?user=ALL&approverLoginID=abc@abc...
More example
Purchase orders: https://implementation.concursolutions.com/api/v3.0/invoice/purchaseorders/<id>
SAP Cloud for Customer
SAP C4C allows customers to access data via soap service and OData APIs. In this blog, we will see how SAP C4C OData APIs can be accessed via the client application
C4C OData APIs can be accessed via basic authentication, by providing username and credentials. The authenticated user must have proper authorizations to access APIs
Here is the URL pattern to access standard OData API:
https://{tenant_id}/sap/c4c/odata/v1
Consume APIs using basic authentication: First get the C4C tenant id from admin and access the standard c4codata API as shown in figure11 and figure12
- URL: https://{tenant_id}.crm.ondemand.com/sap/c4c/odata/v1/c4codata/UserCollection
- Authentication: Basic authentication with username and password
- Response: Access the API data in response
Figure 11
Figure 12
To check what all entity sets are available under c4codata
https://{tenant_id}/sap/c4c/odata/v1/c4codata/
Few more examples
https://{tenant_id}/sap/c4c/odata/v1/c4codata/AccountCollection
https://{tenant_id}/sap/c4c/odata/v1/c4codata/ContactCollection
https://{tenant_id}/sap/c4c/odata/v1/c4codata/LeadCollection
SAP SuccessFactors
SAP SuccessFactors Employee Central provides two types of APIs to get/post data. First, check the SAP SF API url applicable for your SF data centers
https://apps.support.sap.com/sap/support/knowledge/public/en/2215682
a)
SFAPI: SAP SuccessFactors SFAPIs are SOAP-based service which is widely used in most of the integrations. The core API is CompoundEmployee which returns most of the data required for complex integration scenarios.
SFAPIs work on token-based authentication, meaning get the sessionId first and then send the sessionId to authorize the request as shown in figure13
- URL: https://{SFData Center}/sfapi/v1/soap
- Credentials: companyId = should be the SF instance company id username = authorized user name password = password of the authorized user
Get the session id and pass it in the header for the data request
Figure 13
b)
OData API: SAP SuccessFactors OData APIs supports basic authentication and fetches a particular set of data for the API as shown in figure 14
- URL: https://{SF Data Center}/odata/v2/
- Username: {username}@{companyId} Password: password for the authorized user
Figure 14
Please note: All the above content is based on the personal learning from SAP help and SAP official documentation, comments, and suggestions are always welcome.
Happy integrating APIs!