Application Configuration in SuccessFactors Portal for OAuth2 Account to use in SuccessFactors
In this article
Overview
Snaps in the SAP SuccessFactors Snap Pack use the SuccessFactors OAuth2 account to access the SuccessFactors application. For the OAuth2 account to function without any issue, ensure to create and configure a connected app corresponding to the account. This Snap Pack supports OAuth 2.0 to authenticate OData API and SFAPI users. In this article, we will guide you to configure a new OAuth 2.0 client application. These steps also contain the information required to create a new SuccessFactors OAuth2 account for using this Snap Pack.
Prerequisites
Valid Company ID.
Valid Username and Password.
Permission to access Manage Integration Tools → Manage OAuth2 Client Applications
Configuring an OAuth 2.0 Client Application
Log into your SuccessFactors instance as an administrator.
Format of the login URL:https:// <Host>/login?company=<company id>Navigate to Admin Center>API Center>OAuth Configuration for OData and choose Register Client Application.
Alternatively, you can navigate by searching API Center or Manage OAuth2 Client Applications under Tools.
In the API Center page, choose OAuth Configuration for OData.
In the Manage OAuth2 Client Applications page, enter the following details:
Field | Description |
|---|---|
Company | The name of your company. This value is populated based on the instance of the company currently logged in. |
Application Name* | A unique name of your OAuth2 client. |
Description | A description for your application. |
Application URL* | A unique URL of the page that the client wants to display to the end user. This page contains additional information about the client application. This is needed for 3-legged OAuth, however it is not currently supported. |
Bind to Technical User | (Optional) Enable this option to restrict the access of the application to a technical user. A technical user is a special user created for integrating SAP SuccessFactors with other SAP products and solutions. |
Technical User ID | Required if you enable the Bind to Technical User checkbox. Enter the technical user name for your instance. Contact your system administrator or SAP Cloud Support if you do not know the technical user name. |
X509 Certificate* | The certificate corresponding to the private and public key used in the OAuth 2.0 authentication process. In this flow, SAP SuccessFactors require the public key and the client application has the private key. To register a client application, you must install the public key in SAP SuccessFactors. If you supply that certificate, you must use the RSA-SHA1, RSA- SHA2, or MD5 encryption type for authentication. You can obtain an X.509 certificate from a trusted service provider, or you can use a third-party tool to generate a self-signed certificate. If neither option is available, you can generate an X.509 certificate in SAP SuccessFactors. For enhanced security, we recommend that you use a self-signed certificate or one from your trusted service provider. In a .pem file, the X.509 certificate is a BASE64-encoded string enclosed between |
5. Click Register.
The API Key is generated and populated in the API Key field.
Do not copy the content in the field X.509 Certificate as Private key. The content in this field is the encrypted certificate. For getting a Private Key, you need to open your certificate using a text editor or other applicable text editing or viewing tools. You can find the private key between -----BEGIN ENCRYPTED PRIVATE KEY----- and ----- END ENCRYPTED PRIVATE KEY-----.
Creating Self-signed Certificate in SuccessFactors
From step 4 of Configuring an OAuth 2.0 Client Application procedure, click Generate X.509 Certificate.
In the Manage OAuth2 Client Applications page, enter the following details, and click Generate.
Field | Description |
|---|---|
Issued By | This value is preset to SuccessFactors. |
Common Name | The hostname or IP address for which the certificate is valid. The common name (CN) represents the hostname of your application. It is technically represented by the Common Name field in the X.509 certificate. This name does not include any protocol, port number, or path. For example, www.bestrun.com |
Organization | (Optional) The entity to which the certificate is issued. |
Organization Unit | (Optional) The organization unit of the entity to which the certificate is issued. |
Locality | (Optional) Name of locality of the entity to which the certificate is issued. |
State/Province | (Optional) Name of state or province of the entity to which the certificate is issued. |
Country | (Optional) Enter a two-letter country code of the entity to which the certificate is issued. A country code represents a country or a region. For example, AU. |
Validity | The number of days for which you want the X.509 certificate to be valid. |
3. Click Download to download the certificate.
There are other ways to generate the certificate, see SucessFactors Developer Guide.
Locate/Define Information Required to Create your SAP SuccessFactors OAuth2 Account
Specify the values required to create a successful SAP SuccessFactors OAuth2 account.
Navigate to the SuccessFactors Snap of your choice and configure the SuccessFactors OAuth2 Account with the following details:
API Key: Specify the API key of your OAuth 2.0 client application. Provide the API Key that is auto-generated after creating the app in your SuccessFactors instance.
Private Key: Specify the private key of the X509.certificate. Provide the Private Key that is auto-generated after creating the app in your SuccessFactors instance..
Click Validate and then click Apply.
The SuccessFactors OAuth2 account is created.
Have feedback? Email documentation@snaplogic.com | Ask a question in the SnapLogic Community
© 2017-2024 SnapLogic, Inc.