API Release Notes, May 2024
New This Month
Planned Change: Request v4 New isPaymentCardRelated Field
Concur Request will introduce a new isPaymentCardRelated field within the Get the list of expected Expenses and Get the content of an expected expense endpoints at the entry level.
The addition of a new isPaymentCardRelated field within the Request v4 API is aligned with the addition of a new Is Payment Card Related boolean field within the Request Entry Forms and Fields. This Is Payment Card Related boolean field will be made available to Concur Request customers to enable their end users to select if one or several expected expenses (including segments) would require the need of a payment card. Customers and partners consuming the Concur Request v4 APIs will have the ability to know which Request has at least one expected expense requiring a payment card (see Request Event new feature section below), and retrieve the corresponding amount via those endpoints.
The Is Payment Card Related field can be added at the Request entry level for one or several expected expenses (including segments).
For more information about how to add a new field within a Request entry form, please refer to the Concur Request: Forms and Fields technical guide.
If an end user selects the Is Payment Card Related field within an expected expense, the isPaymentCardRelated field will be set to true within the Get the list of expected expenses endpoint as well as the Get the content of an expected expense endpoint, for this corresponding expected expense. Else the field with show false. Several expected expenses of a Request can have the field Is Payment Card Related selected by their traveler.
Planned Change: Request Event New isPaymentCardRelated Field
Concur Request will introduce a new isPaymentCardRelated field within the Concur Request Event Facts fields.
The new isPaymentCardRelated field is aligned with the addition of the new Is Payment Card Related boolean field within the Request Entry Forms and Fields. The Is Payment Card Related field can be added at the Request entry level for one or several expected expenses (including segments). More information within the new feature Request v4 API section above.
If an end user selects the Is Payment Card Related for at least one expected expense (including segments) of a Request, then the Request workflow status change event will contain the isPaymentCardRelated fact field set to true. Else the field with show false.
Planned Change: Travel Allowance v4 API
The Travel Allowance v4 API will allow you to extract travel allowance information from the SAP Concur platform. The API provides the possibility to read travel allowance itinerary data, calculation results, and configuration settings.
The API can be used by customers and partners to build custom solutions to enhance their business processes wherever travel allowance data is needed. This could be reports, forms, special audit requirements, passing travel allowance data to time management systems for further processing and many more.
Now Available: Hotel Service Change Notification API
The Hotel Service Change Notification API allows Custom Hotel Source (CHS) vendors to provide the SAP Concur platform with details of offline cancellations and changes they make to bookings created in the SAP Concur Online Booking tool (Travel Evolution). The API will allow CHS vendors to provide updates in real time so that travelers have the most up to date information about their booking.
As part of this release we have created a new shared schema page for Hotel Service v4 and this API.
Planned Change: Deep Links now available for Air, Car, Hotel, and Rail
In late June, Concur Travel will add support for deep link URLs to Car, Hotel, and Rail Search Results. By providing URL parameters, customers and partners will be able to create a deep link that users can follow and land on Concur search results page bypassing the homepage.
This feature enables clients and partners to incorporate Concur Travel into the journey maps they design for their end users. Developers can leverage the deep link to allow the user to skip the Concur home page and the search widget, making the booking process a more seamless part of larger end-to-end processes.
Planned Change: PGP Key for File Transfers to be Replaced
Files transferred to SAP Concur solutions must be encrypted with the SAP Concur public PGP key.
- A new PGP key, key ID 8C51C89E, will be available in the client’s root folder beginning on or before May 24, 2024. The file name will be concursolutions.asc.
- The current key, key ID 9AFF10B5, will expire on September 4, 2024, and should no longer be used.
More information about migrating from the legacy key (key ID D4D727C0) to the new key (key ID 8C51C89E), will be provided in the June 2024 release notes.
The expiration date of the current key (key ID 9AFF10B5) cannot be changed. To ensure that file uploads continue to be processed after the key expires on September 4, 2024, clients must migrate to the new PGP key (key ID 8C51C89E) before the expiration date.
If you are unable to migrate to the new key (key ID 8C51C89E) before September 4, 2024, you can manually upload files using the Import / Extract Monitor feature.
For more information about the Import / Extract Monitor feature, refer to the Shared: Import/Extract Monitor User Guide.
Admin Experience
When it becomes available, an administrator with the required file transfer credentials can log into the file transfer site to retrieve the public PGP key, concursolutions.asc, from the root directory.
Configuration
When it becomes available, your internal file transfer administrator can add the new key to their PGP keyring and start using it to encrypt files being transferred to SAP Concur. If you require assistance, please contact SAP Concur support.
For more information, refer to the Shared: File Transfer for Customers and Vendors User Guide.
Planned Change: Retention Period for Credit Card Data Files
For compliance reasons, SAP Concur will be implementing a process wherein card data files received from external sources (Issuing banks, Card associations) will be deleted from systems after 90 days. In most cases, this should not be a concern as the normal practice is to automatically import and load the data contained in these files within 24 hours of receipt. In the case that the raw data is required following the 90 day window, clients can work with their issuing bank to have these files re-sent.
Ongoing
Configuration / Feature Activation
You may need to make changes to accommodate our new IPs. For more information about SAP Concur file transfers, refer to Shared: AWS File Transfer for Clients and Vendors.
Cipher Security Policy Change for Clients and Vendors
On April 16, 2024, 9:30 AM ET, SAP Concur will update its file transfer security policy from TransferSecurityPolicy-2020-06 to TransferSecurityPolicy-2022-03.
This notice pertains to the following file transfer DNS endpoints:
- EU2 AWS Transfer Site: mft-eu2.concursolutions.com
- US2 AWS Transfer Site: mft-us2.concursolutions.com
NOTE: If you are using client software that does not support TransferSecurityPolicy-2022-03, you must move to supported SFTP client software before April 16, 2024.
For more information about transfer security policies, including a list of supported cryptographic algorithms, refer to Security polices for AWS Transfer Family and Cryptographic Algorithms on the AWS documentation website.
Configuration / Feature Activation
This change occurs automatically. You may need to make changes to accommodate our new security policy. For more information about SAP Concur file transfers, refer to Shared: AWS File Transfer for Clients and Vendors.
Deprecations and Decommissions
APIs are being deprecated or decommissioned in accordance with the SAP Concur API Lifecycle & Deprecation Policy.
| Date | API | Details |
|---|---|---|
| 03/2024 | Deprecation of Spend User Retrieval 4.0. | The decommission of password provisioning via file import will occur in April 2025. |
| 07/2023 | Decommission of Password Provisioning via File Import | The decommission of password provisioning via file import will occur on October 1st, 2023. |
| 07/2023 | Decommissioning of Password Provisioning | Beginning August 2nd, 2023, password provisioning for user accounts will not be supported. |
| 07/2023 | Decommission of User v1 Password Endpoint | The decommission of the User v1 password endpoint will occur on July 28th, 2023. |
| 06/2023 | Deprecation of Launch External URL Callout v1 | The Launch External URL V1 API is deprecated as of June 16th, 2023. Decommission will follow. |
| 01/2023 | Move from the Travel Request External Validation Callout v1 to the Event Subscription Service (ESS) | This callout was designed to work with the Concur Request v1 API that is in the process of being decommissioned. Users are strongly recommended to move to the Event Subscription Services (ESS) in order to subscribe to the Request events. |
| 12/2022 | Decommission of Existing Concur Request APIs (v1.0, v3.0, v3.1) | The decommission of the v1.0, v3.0, and v3.1 APIs is planned to conclude soon. Users that have not yet migrated to the Concur Request v4 APIs are strongly encouraged to make the required developments. |
| 11/2022 | Deprecation of User v1 | Effective November 10th, 2022, the User v1 API has been deprecated. This has been replaced by User Provisioning Service v4. Decommission has been extended and will conclude on May 31st, 2024. |
| 11/2022 | Deprecation of User v3 | Effective November 10th, 2022, the User v1 API has been deprecated. This has been replaced by User Provisioning Service v4. Decommission has been extended and will conclude on May 31st, 2024. |
| 10/2022 | Deprecation of Cash Advance v4 | Effective October 1st, 2022, the Cash Advance v4 API is deprecated. This has been replaced by the release of Cash Advance v4.1. Decommission will follow on October 2, 2023. |
| 10/2022 | Deprecation of Hotel Service v2 | Effective October 14th, 2022, the Hotel Service v2 API is deprecated. This has been replaced by the release of Hotel Service v4. Decommission will follow on October 16, 2023. |
| 04/2021 | Bulk User v3.1 API | We have deprecated the Bulk User v3.1 API for the US and EMEA data centers. This API is replaced by Identity v4. Decommission will follow. Bulk User v3.1 will remain available for China data centers. |
| 01/2021 | List v3 API | Effective April 16, 2021, we have deprecated the List v3 API. This API is replaced by the List v4 API. List v3 is planned to be retired in a future release. |
| 01/2021 | List Item v3 API | Effective April 16, 2021, we have deprecated the List Item v3 API. This API is replaced by the List Item v4 API. List Item v3 is planned to be retired in a future release. Please migrate to the List Item v4 API as soon as possible. |
| 06/2020 | Travel Profile Notification v1 API | We are deprecating the Travel Profile Notification v1 APIs due to low usage. |
| 01/2020 | List v1 API | We will be retiring the List v1 API in a future release. This API is replaced by the List v4 API. |
Planned Changes
| Date | API | Planned Change |
|---|---|---|
| 01/2024 | Hotel Service v4 | Updates to Hotel Service v4 that will remove existing elements from the |
| 11/2023 | Expense Report v1.1 | We will be adding a new request query parameter includeInactive={Y/N} to return both active and inactive delegators for a particular delegate. If this parameter is not present the API will return only active delegators (no change from current behavior). |
| 09/2023 | Travel Profile API 2.0 | All partners and customers currently using Travel Profile API 2.0 will need to prepare their systems to support two new Gender values: Unknown and Unspecified. The support for those new values is planned to be released in Q1 2024. |
| 05/2023 | Get Cost Objects Request v4 API | This endpoint will allow external callers to view a Request’s approver related cost objects within a cost object approval workflow. |
| 04/2023 | Get Cost Object for Approver v4 API | Externalizing this endpoint allows external callers to view a report’s approver related cost objects within a cost object approval workflow. |