API Release Notes, October 2022
New This Month
SAP ICS Connector Production Sandbox Environment Migration Change Required
By early December 2022, we will be completing the migration of implementation environments to AWS. After migration, all users who are currently using:
- The SAP ICS Connector in their Production Sandbox Environment
- Legacy authentication (user and password)
will encounter an error in the Production Sandbox Environment. This will not impact your production environment and will not affect SAP S/4HANA Cloud, public edition customers.
In order to avoid disruption, authentication will need to be updated post-migration. Users can do this by updating their login ID to contain the .uat domain. For more information on how to update your login ID, please see the following knowledge base article.
Deprecation of Cash Advance v4 API
Effective October 1st, 2022, the Cash Advance v4 API is deprecated. This has been replaced by the release of Cash Advance v4.1. Decommission will follow.
Deprecation of Hotel Service v2 API
Effective October 14th, 2022, the Hotel Service v2 API is deprecated. This has been replaced by the release of Hotel Service v4. Decommission will follow.
Events for User Identity
Three external event topics have been released to inform users when an identity is created, updated, or deleted within their company. After subscribing to the topic, users will be updated when a new identity is created with a URL to the identity. Update events will include the updated attributes included within the event and a URL to the identity to retrieve values.
Demonstration Sample Code Now Available
Sample code that demonstrates how to obtain refresh tokens, automate token management, and use it to retrieve an access token to call an API is now available on the Authentication: Getting Started page.
Planned Change: Addition of ECDSA Encryption and Cipher Retirement
To provide ongoing security for our products, we plan to remove support for select ciphers on February 16, 2023, at 5 PM PST. For more information, please see the Planned Changes: Addition of ECDSA Encryption and Cipher Retirement in the October release notes.
Ongoing: Production Sandbox Environment Login Updates
Some SAP Concur users use Production Sandbox Environment (PSE) entities to set up, test, and train on new configurations prior to deploying them to their live production entity. SAP Concur plans to migrate PSEs as part of our move to Amazon Web Services (AWS).
Today, a user can maintain the same login ID for their test and production entities because they are in separate environments. With the plan to migrate both test and production entities to the same AWS production environment in the future, this will no longer be possible since each login ID must be unique.
While there is no action required for customers regarding this update, we want to ensure customers are aware of it because the change will be visible in certain areas of PSEs. To account for this change, we will append all PSE login IDs with a “.uat” domain during both migration and user creation to ensure they are unique and do not conflict with any existing production login ID. For example, firstname.lastname@example.org will become email@example.com.
No changes will made to the login IDs in the current implementation environment in our private data centers.
This process will occur in the background during both the migration and user creation processes. Because we will manage this process, users will NOT have to make any changes to their login ID.
During the migration, user profiles will be synchronized to the new environment. Depending on the number of users to be synchronized, the synchronization process might take a few minutes, a few hours, or a few days. While this process is in progress, users might not be able to log into the PSE. If a user is unable to sign in after the migration, they should wait a few hours or as much as a day, before attempting to logging in again.
For migrated users, they will still use the same implementation URL and login ID they used prior to the AWS migration.
New clients will use the AWS production URL: https://us2.concursolutions.com or https://eu2.concursolutions.com with the appended login ID, which will include the appended domain (for example, firstname.lastname@example.org, as shown).
This change will help to safeguard against any conflicts with production login IDs.
User Creation: Additionally, clients can use the exact same employee import files as they would in production. The .uat domain will also be applied to all aspects of user creation: FTP import, Excel import, entity restore, and more. Extracts: When generating accounting extracts or financial integration documents, we will automatically remove the .uat domain from login IDs that were appended during user creation. This will help to generate realistic extracts without requiring any actions from the clients, such as removing the appended domain. User Profile Sync Process: During the migration, user profiles will be synchronized to the new environment. Depending on the number of users to be synchronized, the synchronization process typically takes a few minutes or hours, but may take up to 72 hours. While this process is in progress, users might not be able to sign in to the PSE. If a user is unable to sign in after the migration, they should wait before attempting to sign in again. If the issue persists beyond 72 hours, please open a case with SAP Concur support.
NOTE: These changes apply to PSEs that have been moved or created in the AWS environment. Migration of PSEs is ongoing.
Migration of Test Entities & Production Sandbox Environment
Some SAP Concur users use Production Sandbox Environment (PSE) entities to set up, test, and train on new configurations prior to deploying them to their live production entity. We plan to migrate PSEs as part of our move to Amazon Web Services (AWS). For more information, please see the Test Entities: Production Sandbox Environment release note in the August Shared Release Notes.
IP Address Range for Callouts
Beginning in August and continuing through the end of 2022, servers that support SAP Concur callouts in the US & EMEA datacenters will be upgraded. For more information on this release note, please see the August Shared Release Notes.
APIs are being deprecated in accordance with the SAP Concur API Lifecycle & Deprecation Policy.
|09/2021||Deprecation of User v1||User v1 service will be deprecated. User v1 service can be replaced with either the upcoming User Provisioning service and/or the Identity v4 service. Both of these services enable callers to CRUD user’s core/identity profile information like UUID, name, address, email, etc.|
|07/2021||User v3 API||We will be deprecating the User v3 API in a future release due to less secure authentication methods.|
|04/2021||Bulk User v3.1 API||We have deprecated the Bulk User v3.1 API for the US and EMEA data centers. This API is replaced by Identity v4. Decommission will follow. Bulk User v3.1 will remain available for China data centers.|
|01/2021||List v3 API||Effective April 16, 2021, we have deprecated the List v3 API. This API is replaced by the List v4 API. List v3 is planned to be retired in a future release.|
|01/2021||List Item v3 API||Effective April 16, 2021, we have deprecated the List Item v3 API. This API is replaced by the List Item v4 API. List Item v3 is planned to be retired in a future release. Please migrate to the List Item v4 API as soon as possible.|
|06/2020||Travel Profile Notification v1 API||We are deprecating the Travel Profile Notification v1 APIs due to low usage.|
|04/2020||Existing Concur Request APIs (v1.0, v3.0, v3.1)||Effective July 1, 2020, these APIs are replaced by the Concur Request v4 API. We have run a backward compatibility project between the current Concur Request APIs and the new Concur Request v4 API (not iso-compatibility) in order to have the vast majority of use cases managed in the previous versions also be managed in the Concur Request v4 API.|
|01/2020||List v1 API||We will be retiring the List v1 API in a future release. This API is replaced by the List v4 API.|
|05/2022||Filters for Identity v4 API||We will be releasing SCIM formatted search filters for the Identity v4 API based on user attributes to help refine search results. This functionality will allow users to use attributes, logical operators, and grouping operators to improve search results to their specific requirements.|
|04/2022||User Provisioning v4 API Available||The User Provisioning Service will allow users to create, update, and replace users. This will allow faster and increased access to user data attributes. Once a user is provisioned, the user identity will be created in Profile, Travel and Spend.|
|01/2022||Account Termination Date Will be in UTC for Travel Profile v2||The Account Termination Date will be returned in UTC. This will provide a consistent time and date reference for all users and all data centers.|
|01/2022||UUID is Returned in Success Response When New User Created via Travel Profile v2 API||Travel Profile v2 will return the user’s UUID synchronously in the success response. This will allow external systems that sync data with the API to have a unique identifier for the user’s profile immediately and use it on subsequent calls to update the user’s profile.|
|10/2021||Report Details v2 API Vulnerability Patch||We will be adding additional security to the Report Details v2 API. Current callers may receive a
|09/2021||Request v4 - Deprecation of the Request Cash Advance Endpoint||Initially planned for October 2021, Concur Request will soon deprecate the Request Cash Advance detail endpoint. Date will be communicated in future communications.|
|04/2021||Invoice Pay v4 GET Call Parameter||GET calls will have the option to use the new
|04/2021||Invoice Pay v4 PATCH Endpoint||With the new PATCH, the invoice will be updated with the