Skip to Content
Technical Articles
Author's profile photo Yogananda Muthaiah

SAP CPQ – API Authentication Types

Dear all,

In this article, you will come to know different ways to authenticate your SAP CPQ APIs for REST & SOAP methods. I will provide you more examples in my next blog for all the Authentication types.

Its good to know each and every authentication types for users to authenticate the API endpoint. More details, refer this link

SAP CPQ API Documentation


1. REST API Authentication

  • JWT Bearer Token 🔐

  • Stateful Authentication

  • Basic Authentication

  • Token API Authentication 🔐

    • Password Grant Authentication

    • Client Certificate Authentication 📜

  • OAuth 2.0 JWT Assertion Profiles 🔐

    • Generate JWT Assertion Grant Type

    • Generate SAML Bearer Grant Type

2. SOAP API Authentication

  • Basic Authentication

  • Client Certificate Authentication (x509 mTLS) 📜

  • Inbound & Outbound Certificate Authentication 📜

📜 Certificate Based Authentication  – Secured and Best


Certificate + Token Based Authentication  – More Secured and Best

Note : 

If you feel SAP CPQ Help documentation, doesn’t provide more information.. Kindly raise a support ticket with component – CEC-SAL-CPQ with providing the link to the page which lacks of more detailed steps that can be improved.

In this article we have shown a lot of methods of securing your APIs. All of these 2 (REST&SOAP) have their own pros & cons but the best that comes out to be is OAuth which many industries & businesses prefer when dealing with client-server scenarios.

OData APIs are still not available for SAP CPQ


Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.