User App Certification Flow
Certification Process Flow
Once you sign the partnership agreement with the SAP Concur Business Development manager, you will receive a welcome letter. When you are ready to start the development project you’ll need to follow the steps below to complete the User App certification.
-
You submit the Readiness Form using the link in the Welcome Letter.
-
SAP Concur Certification Project Manager (CPM) on duty prepares the development environment and Development App for you.
-
The CPM sends the development environment details and certification requirements to your technical lead via PlatformCertification@sap.com. Note: You’ll use this email for all correspondence with the CPM.
-
You develop and test the Development App in your development environment.
-
You send an email to the CPM to schedule the Development App certification one month before the certification week. The CPM will send the meeting invitation to your technical contact. Please find your certification date on the certification calendar.
-
The CPM conducts the Development App certification walkthrough on the scheduled date. If your app fails in the Development App certification walkthrough, you’ll need to fix the issues and goes back to step 6 to reschedule the certification walkthrough. Please refer to the Certification Check List for the certification requirements.
-
The CPM prepares the Production App and sends App credentials to you.
-
You deploy and test the Production App in your production environment.
-
Your marketing team submits App listing documents and images to Concur_AppcenterMarketing@sap.com. This step could happen at anytime before step 9. Please refer to App Center Listing for more information.
-
The App Center marketing team reviews and approves the listing documents and sends the confirmation to your marketing team, and also copies the CPM. You need the App Center marketing team’s approval before moving to step 12.
-
You email the CPM to schedule the Production App certification one month before the certification week. The CPM will send the meeting invitation to your technical contact. Please find your certification date on the certification calendar.
-
The CPM conducts the Production App certification walkthrough on the scheduled date. If your app fails in the Production App certification walkthrough, you’ll need to fix the issues and goes back to step 12 to schedule the next certification walkthrough. Please refer to Certification Check List for the certification requirements.
-
Once the certification project is complete, the CPM sends you the Certification Notification.
Certification Check List
You must meet following certification requirements before proceeding to the certification walkthrough demo.
App Center Connection Flow
| Requirement | Description |
|---|---|
| Landing Page - All Pages | Should include support and help options clearly throughout the process. |
| Landing Page - All Pages | Must include your company branding and specific application brand, if applicable. |
| Landing Page - First Pages | Must clearly indicate this is an integration with the SAP Concur platform. |
| Landing Page - First Pages | Must include links to your terms and conditions and privacy policy. |
| Landing Page - First Pages | Must use one of the following calls to action: 1) Sign-In or Sign-Up (a prompt to login or create new account) 2) Verification (a prompt to enter a verification/access code) |
| Landing Page - Account Creation Pages | If your account creation process requires multiple steps, provide a progress indicator so the user knows what is required. |
| Landing Page - Confirmation Pages | Must have an indication that the connection was successful. |
| Landing Page - Confirmation Pages | Must provide next steps: 1) Provide customer information on what will occur next such as expect email, etc. 2) User should be directed to close the window as the connection is complete. |
| Landing Page - Confirmation Pages | You should not obtain an access_token until customer has completed all actions on the Landing Page. |
Token Management
| Requirement | Description |
|---|---|
| Geolocation | Must securely store last received geoLocation to use on subsequent calls. |
| Refresh Token | Must securely store last received refresh_token to use on subsequent calls. |
| Token Expiration Date | Must securely store refresh_token expiry date. |
API Logging
| Requirement | Description |
|---|---|
| Error Codes | Must log Error Code / Error Description. |
| Correlation ID | The API call’s HTTP Response header contains a field concur-correlationid which is an unique id for each API call. Some legacy APIs do not. You must log this correlation id when provided. |
| User ID | Should log UserID (User who clicked the Connect button). |
| Response Header | For the eReceipt App, should log the concur-correlationid,link, and location data. |
| Response Body | For the Quick Expense App, should log response body. |
Production Readiness
| Requirement | Description |
|---|---|
| Documentation | You will produce a Technical Guide that includes: Solution’s architecture, functions, and schema. Detailed token management (obtaining, refreshing, and storing tokens). API scopes with corresponding parameters used. API Logging. |
| Register Authorized Support Contacts | You must have registered Authorized Support Contacts. |
| Submit Support Case | You must submit at least one Support Case at Partner Support Portal. |
Certified APIs
| Requirement | Description |
|---|---|
| OAuth2 - US DC Client | You must demonstrate ability to authenticate clients in the US Data Center (default geolocation). |
| OAuth2 - EU DC Client | You must demonstrate ability to authenticate client in the EU Data Center (token geolocation). |
| OAuth2 - CN DC Client | (Optional) If your App supports the users hosted on China Data Center, you must demonstrate ability to authenticate client in China Data Center (default geolocation). |
| eReceipt or Quick Expense API - US DC Client | You must demonstrate ability to post eReceipt or Quick Expense data in US Data Center. |
| eReceipt or Quick Expense API - EU DC Client | You must demonstrate ability to post eReceipt or Quick Expense data in EU Data Center. |
| eReceipt or Quick Expense API - CN DC Client | (Optional) If your App supports the users hosted on China Data Cetner, you must demonstrate ability to post eReceipt or Quick Expense data in China Data Center. |