API Release Notes, July 2022
New This Month
OAuth 2.0 Migration
We have completed the conversion from the legacy authentication (deprecated 2017) method to the new OAuth 2.0 authentication method. This effort began in the third quarter of 2021 and has been completed as of June 30th, 2022.
Any existing partners, Client Web Service (CWS) clients, and clients with a Hosted Customer Connector using the legacy authentication (deprecated 2017) will need to be converted to the new OAuth 2.0 authentication. If you are a partner or a client using the legacy authentication (deprecated 2017) method, we have reached out and provided communication on how to convert to the new OAuth 2.0 authentication. Clients with a Hosted Custom Connector have been handled by the SAP Concur Development team.
For more information, please refer to Authentication.
Request v4 API – Management of Requests pending External Validation
We have retired the legacy Request v1, v3, and v3.1 APIs. Therefore, all features relying on those APIs are not supported anymore.
A legacy Request External Validation feature was initially described here. This will be set as DEPRECATED moving forward. Our customers should move as soon as possible to the new Request External Validation feature.
Required configuration within the Request workflow is documented here.
The Request v4 API that can be consumed for this feature is documented here.
Note that the assignment of the External System role is assigned to the new, manually created Pending External Validation workflow step. A dedicated scope will be required for the use of the Request v4 API workflow endpoint.
Please work with your SAP Concur representative to adapt the configuration of your workflow to the new Pending External Validation configuration requirement, and to consume the Request v4 API workflow endpoint to perform required actions (sendback, approve) on the Request pending External Validation.
Changes to Accounting Integration v4 API
Changes have been made to the Accounting Integration v4 API. A new billableField schema has been added to specify is the expense entry is billable.
The error schema has been renamed to ErrorMessage and the fields timestamp and httpStatus have been added.
A new SUPPORTS_LIABILITY_ACCOUNT field has been added to the erpPackage schema.
billableField has been added to the fileMapping schema.
Ongoing
None
Deprecations
APIs are being deprecated in accordance with the SAP Concur API Lifecycle & Deprecation Policy.
| Date | API | Details |
|---|---|---|
| 09/2021 | Deprecation of User v1 | User v1 service will be deprecated. User v1 service can be replaced with either the upcoming User Provisioning service and/or the Identity v4 service. Both of these services enable callers to CRUD user’s core/identity profile information like UUID, name, address, email, etc. |
| 07/2021 | User v3 API | We will be deprecating the User v3 API in a future release due to less secure authentication methods. |
| 04/2021 | Bulk User v3.1 API | We have deprecated the Bulk User v3.1 API for the US and EMEA data centers. This API is replaced by Identity v4. Decommission will follow. Bulk User v3.1 will remain available for China data centers. |
| 01/2021 | List v3 API | Effective April 16, 2021, we have deprecated the List v3 API. This API is replaced by the List v4 API. List v3 is planned to be retired in a future release. |
| 01/2021 | List Item v3 API | Effective April 16, 2021, we have deprecated the List Item v3 API. This API is replaced by the List Item v4 API. List Item v3 is planned to be retired in a future release. Please migrate to the List Item v4 API as soon as possible. |
| 06/2020 | Travel Profile Notification v1 API | We are deprecating the Travel Profile Notification v1 APIs due to low usage. |
| 04/2020 | Existing Concur Request APIs (v1.0, v3.0, v3.1) | Effective July 1, 2020, these APIs are replaced by the Concur Request v4 API. We have run a backward compatibility project between the current Concur Request APIs and the new Concur Request v4 API (not iso-compatibility) in order to have the vast majority of use cases managed in the previous versions also be managed in the Concur Request v4 API. |
| 01/2020 | List v1 API | We will be retiring the List v1 API in a future release. This API is replaced by the List v4 API. |
Planned Changes
| Date | API | Planned Change |
|---|---|---|
| 05/2022 | Hotel Service v4 API Available | The Hotel Service v4 API will allow Custom Hotel Source (CHS) vendors to provide hotel inventory, rates and booking related functionality to users of the new SAP Concur Online Booking Tool (Travel Evolution). |
| 05/2022 | Filters for Identity v4 API | We will be releasing SCIM formatted search filters for the Identity v4 API based on user attributes to help refine search results. This functionality will allow users to use attributes, logical operators, and grouping operators to improve search results to their specific requirements. |
| 04/2022 | User Provisioning v4 API Available | The User Provisioning Service will allow users to create, update, and replace users. This will allow faster and increased access to user data attributes. Once a user is provisioned, the user identity will be created in Profile, Travel and Spend. |
| 01/2022 | Account Termination Date Will be in UTC for Travel Profile v2 | The Account Termination Date will be returned in UTC. This will provide a consistent time and date reference for all users and all data centers. |
| 01/2022 | UUID is Returned in Success Response When New User Created via Travel Profile v2 API | Travel Profile v2 will return the user’s UUID synchronously in the success response. This will allow external systems that sync data with the API to have a unique identifier for the user’s profile immediately and use it on subsequent calls to update the user’s profile. |
| 01/2022 | New Client SSL Certificate for ESS webhook.api.concursolutions.com | To ensure the ongoing security of our products and services, the Event Subscription Service will be issuing a new webhook.api.concursolutions.com SSL certificate. |
| 10/2021 | Report Details v2 API Vulnerability Patch | We will be adding additional security to the Report Details v2 API. Current callers may receive a 401 - Unauthorized response if using an unauthorized admin OAuth token to access reports. |
| 09/2021 | Request v4 - Deprecation of the Request Cash Advance Endpoint | Initially planned for October 2021, Concur Request will soon deprecate the Request Cash Advance detail endpoint. Date will be communicated in future communications. |
| 04/2021 | Invoice Pay v4 GET Call Parameter | GET calls will have the option to use the new invoiceId parameter to retrieve payment information and the ERP Document ID associated to the invoice. The feature will be automatically available; there will be no additional configuration or activation steps. |
| 04/2021 | Invoice Pay v4 PATCH Endpoint | With the new PATCH, the invoice will be updated with the erpDocumentNumber value in the body whenever an invoiceId is passed as part of the API URL. The feature will be automatically available; there will be no additional configuration or activation steps. |