Skip to Content
Author's profile photo Aman Gupta

APIs for SAP SaaS applications

APIs for SAP SaaS applications

In this blog, we will be covering the integration options available with listed SAP SaaS systems via APIs. It is always time-consuming for a developer to refer, test and implement the standard API documents so the objective of this blog is to keep everything simple and in one place.

Introduction to Web services API

In simple words, API defines a set of rules or methods which allows access to get specific information.

Most often-used types of web service:

  • SOAP –  is a protocol that defines the communication method, and the structure of the messages. SOAP service publishes a definition of its interface in a machine-readable document, using wsdl – Web Services Definition Language and the data transfer format is XML
  • XML-RPC – is an older protocol than SOAP. It uses a specific XML format for data transfer, whereas SOAP allows a proprietary XML format. An XML-RPC call tends to be much simpler, and to use less bandwidth, than a SOAP call
  • JSON-RPC – is like XML-RPC, but uses JSON instead of XML for data transfer
  • REST – is not a protocol, but rather a set of architectural principles. The thing that differentiates a REST service from other web services is its architecture. Some of the characteristics required of a REST service include simplicity of interfaces, identification of resources within the request, and the ability to manipulate the resources via the interface


In this blog, we will cover below SAP SaaS applications

  1. SAP Ariba
  2. SAP FieldGlass
  3. SAP Concur
  4. SAP Hybris cloud for customer
  5. SAP SuccessFactors

We will be using Postman to play around with the APIs.


SAP Ariba

Ariba provides open API portal to integrate 3rd party applications with SAP Ariba network and SAP Ariba solutions.

The developer portal provides a catalog with a full description of available APIs as described in figure1

 Figure 1

 Get the developers portal access to develop and manage API applications: Ask company partner admin to provide the developers portal access. URL:

 Create an application in developer’s portal: Login and go to manage tab, create a new application and enter any relevant name as shown in figure2

Figure 2

Promote the application for productive usage: Request partner admin to get the application approved for Test/Production usage and map the application with the realm of company environment. Once done get the information from partner admin.

  • ClientID
  • ClientSecret
  • Application API key

Get the access token: Once all the information is provided, encode the ClientID and ClientSecret in base 64 format. Post the request as shown in figure 3

  1. Ariba oauth url:
  2. Header values: Content-Type: application/x-www-form-urlencoded                             Authorization: Basic {base64(ClientID:ClientSecret)}
  1. Body: grant_type=openapi_2lo
  2. Access and refresh token in response

Figure 3

Consume APIs using access token: After getting the access token, do a GET call as shown in figure 4

  1. Ariba runtime url:
  2. Header value: Content-Type: application/xml
  3. Header value: apiKey: {Application Key}
  4. Authorization: Bearer {Access Token}
  5. Response from requested API

Figure 4

Few more examples



SAP Fieldglass

Here we will cover the general API information applicable to the SAP Fieldglass REST APIs, how the REST APIs work, how to obtain authentication and authorization to connect to a REST API.

SAP Fieldglass REST APIs use the OAuth 2.0 protocol for authentication and authorization.

To perform GET/POST operations on SAP Fieldglass APIs, gather information from Fieldglass admin

  • Fieldglass environment URL
  • User credentials = Base64Encoded(user:credential)
  • Fieldglass client specific application key

Now, after getting above information from SAP Fieldglass team follow the below steps

Obtain OAUTH token from Fieldglass server as shown in figure5

  1. URL to get the token: https://{SAP Fieldglass URL}/api/oauth2/v2.0/token?grant_type=client_credentials&response_type=token
  2. Authorization: Basic {base64(user:credential)}
  3. X-ApplicationKey: {Provided API key}
  4. Get Access token in response

Figure 5

Consume APIs using access token: After obtaining the access token, send the token in HTTP header to access SAP FieldGlass REST APIs as shown in figure6

Resource URL for timesheet approvals: This will return all work items for the user

https://<SAP Fieldglass environment URL>/api/v1/approvals/module_TS

Figure 6

Example for approving a timesheet work item:

Figure 7

Few more examples

Job Posting: https://<SAP Fieldglass environment URL>/api/v1/approvals/module_JP

Work Order: https://<SAP Fieldglass environment URL>/api/v1/approvals/module_WO

Expense Sheet: https://<SAP Fieldglass environment URL>/api/v1/approvals/module_ES


Connectors in Fieldglass: For integration, SAP Fieldglass also provides SOAP-based connectors to upload/download the data. For example, timesheet data, expense sheet, worked download, active work order, etc.

To upload/download data via connectors, ask Fieldglass administrator to enable connector by raising SAP ticket and perform SOAP call as shown in figure 8

  1. URL: https://{FieldGlass_tenant_id}/ws2/services/Connector
  2. Username and Password: Get the authorized username and password from Fieldglass
  3. Connector: Provide the connector name
  4. Response: Get the response data

Figure 8



SAP Concur

Concur uses Oauth 2.0 framework to allow access to the restricted API data. Concur has several APIs, depending on the data that you want to Get/Post.

Here are two main API examples:

  • The Travel/Itinerary API (v1.1)allows the user to access a Concur user/company’s itinerary, including hotel/flight booking info
  • The Expense API (v3.0)allows the user to get (and push) a Concur user’s expense information, including expense line items, their types (e.g. food, lodging), totals, and even receipt images.

Get application clientID and clientSecret: Before getting an accessToken to consume APIs, register an application with Concur by contacting Partner Enablement Manager or Partner Account Manager. Once the application is registered, note down the clientId, clientSecret, and geolocation.

SAP Concur server URLs

Get Access Token: Now after getting the information from SAP Concur team follow the below steps as shown in figure9

  1. URL to get the token: https://{SAP Concur Server URL/Geo Location}/oauth2/v0/token
  2. Body section for POST call:&client_id=<clientId>&client_secret=<clientSecret>&grant_type=password&username=<Username>&password=<Password>
  3. Header – Content-Type : application/x-www-form-urlencoded;charset=utf-8
  4. Access token in response

Figure 9

Consume APIs using access token: After obtaining the access token, send the token in HTTP header to access SAP Concur APIs as shown in figure10

API url for user existence check: This will result in, if the mentioned user exists and active or not in the system


Figure 10

 URL to get expense reports: This will result in, all expense reports with the specified approver id

More example

Purchase orders:<id>



SAP Cloud for Customer

SAP C4C allows customers to access data via soap service and OData APIs. In this blog, we will see how SAP C4C OData APIs can be accessed via the client application

C4C OData APIs can be accessed via basic authentication, by providing username and credentials. The authenticated user must have proper authorizations to access APIs

Here is the URL pattern to access standard OData API: https://{tenant_id}/sap/c4c/odata/v1


Consume APIs using basic authentication: First get the C4C tenant id from admin and access the standard c4codata API as shown in figure11 and figure12

  1. URL: https://{tenant_id}
  2. Authentication: Basic authentication with username and password
  3. Response: Access the API data in response

Figure 11


Figure 12

To check what all entity sets are available under c4codata https://{tenant_id}/sap/c4c/odata/v1/c4codata/

Few more examples






SAP SuccessFactors

SAP SuccessFactors Employee Central provides two types of APIs to get/post data. First, check the SAP SF API url applicable for your SF data centers

a) SFAPI: SAP SuccessFactors SFAPIs are SOAP-based service which is widely used in most of the integrations. The core API is CompoundEmployee which returns most of the data required for complex integration scenarios.

SFAPIs work on token-based authentication, meaning get the sessionId first and then send the sessionId to authorize the request as shown in figure13

  1. URL: https://{SFData Center}/sfapi/v1/soap
  2. Credentials: companyId = should be the SF instance company id                          username = authorized user name                                                                     password = password of the authorized user

Get the session id and pass it in the header for the data request

Figure 13

b) OData API: SAP SuccessFactors OData APIs supports basic authentication and fetches a particular set of data for the API as shown in figure 14

  1. URL: https://{SF Data Center}/odata/v2/
  2. Username: {username}@{companyId}                                                                                        Password: password for the authorized user

Figure 14


Please note: All the above content is based on the personal learning from SAP help and SAP official documentation, comments,  and suggestions are always welcome.


Happy integrating APIs!

Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Richard McArthur
      Richard McArthur

      Good work Aman.

      Author's profile photo Eng Swee Yeoh
      Eng Swee Yeoh

      Nice collection of SAP API details.


      It is interesting to note that SAP API Business Hub is "supposed to be" the place to discover and play with such APIs in a sandbox environment, but I just checked and not all the SaaS are covered there.

      Author's profile photo Aaditya Nigam
      Aaditya Nigam

      Hello Eng Swee Yeoh

      I would like to make a small correction to your comments above

      ...and not all the SaaS are covered there ...yet.

      We are focused on shipping more APIs, improving the quality of existing APIs and delivering more features to ease the consumption of the APIs.

      Speaking of features how did you like our new SDK download for App extension on java?

      But i do appreciate your comment. I request you to keep visiting and please do keep checking i promise you will find something new each time you visit.

      Warm regards


      Author's profile photo Aaditya Nigam
      Aaditya Nigam

      Hello Aman,


      Brilliant Article 🙂


      Warm regards


      Author's profile photo Anshul Walia
      Anshul Walia


      Wonderful information regarding APIs...  Thank you

      Author's profile photo Kakarla Murali
      Kakarla Murali

      Can any one share SAP ABAP code to access same API