In this Article
Overview
Snaps in the Coupa Snap Pack use the Coupa OAuth2 account to access the Coupa application. For the OAuth2 account to function without any issue, ensure to create and configure a connected App corresponding to the account as explained in the steps below. These steps also contain the information required to define a new OAuth2 account for using this Snap Pack.
Creating an OAuth app in Coupa Portal
SnapLogic supports only Client Credentials Grant type. Using this Grant type, you can create a client and generate Client ID and Client Secret to request for an access token.
Prerequisites:
Admin access to Coupa
Log into Coupa as an integrations-enabled administrator.
Log into the Coupa portal. The URL format for Coupa instances:
Customer instances:https://{organization_name}.coupahost.com
Partner and demo instances:https://{organization_name}.coupacloud.comNavigate to Setup > Integrations > Oauth2/OpenID Connect Clients.
Note: You can also search for ‘oauth’ in the Find it fast search box.
Click Create in Oauth2/OpenID Connect Clients page.
From the Grant type list, select Client credentials.
Specify the details for the client, such as Name, Login, Contact First Name, Contact Last Name, and Contact Email as shown in the image below:
Note: You must provide a unique login ID for Client Credentials Grant type, else Coupa displays an error,
Login has already been taken.Select the Scopes you want to include in this API setup.
Note: To create a client app, we must select at least one scope and the scopes which provide access to specific APIs required for your functionality.Click Save to save the client.
The client Identifier and Secret are generated. You can toggle the Show/Hide link to display and copy the client secret.
You can use the values of Client ID and Client Secret to gain access to the Coupa APIs. When you create a new Open Connect client, access is granted to a specific application or user client for specific areas of the product, defined by scopes.
Requesting an Access Token to use in Coupa Dynamic OAuth2 account
Once you have created a client, the next step is to request for an access token. Token is automatically accepted and generated. Client credentials requires no consent and a HTTPS POST request can be made directly to Coupa.
The following example is a request for an access token using curl:curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d "client_id=<CLIENT_ID>&grant_type=client_credentials&scope=<SPACE_SEPARATED_LIST_OF_SCOPES>&client_secret=<CLIENT_SECRET>" <https://<INSTANCE_DOMAIN>/oauth2/token>
The response from the curl command is a JSON object that contains the access token.
Scopes
Coupa scopes take the form of service.object.right. For example, core.accounting.read or core.accounting.write. Navigate to the Scope management page in Coupa portal to find the list of scopes and their underlying permissions. To view the API permissions associated with each scope, click the Scope link. Learn more about Scopes available in Coupa.
Scope with offline_access : Client Credentials grant type provides only access token and expiry.
Locate/Define Information Required to Create your Coupa OAuth2 Account
Specify the values required to create a successful Coupa OAuth2 account.
Navigate to the Coupa Snap of your choice and configure the Coupa OAuth2 Account with the following details:
Client ID: A Public Identifier for your app. Provide the Client ID that is auto-generated after creating the app in the Coupa portal.
Client Secret: Secret value known only to the app and the auth server. Provide the Client Secret that is auto-generated after creating the app in the Coupa portal.
Click Authorize.
You will be redirected to the login page of Coupa.Log into Coupa and accept the permissions.
The Access token is populated in the respective fields.Click Apply after the authorization is successful.