Call Concur Apis Using A Multiple Use Bearer Token
Use a refresh token to get a multiple use bearer token to call a Concur API.
You will learn
- How to use a refresh token to get a multiple use bearer token to call a Concur API.
Marc BellAugust 18, 2023Created byAugust 18, 2023
Contributors
Prerequisites
- You have created a Refresh Token from an API call and managed refresh token expiration using the previous concur-refresh-token-management tutorial.
- SAP Concur instance credentials
- Node.js
- GitHub account
- IDE or text editor
- Step 1
- Go to the Company Request Token screen.
- Enter your App ID in the required field and click Submit to regenerate your company request token.
- Copy/paste the Company UUID and company request token fields to a text file.
- Click OK after you have saved this information to a text file.
- Step 3
- Type
node CallingAPIs.jsin terminal to run the app to generate yourcredentials.jsonfile. This generates messages in the terminal that show the credentials object.
- Fill in the empty fields in this file with the information in the credential object. You can use all of the information from your
credentials.jsonfile in the previous concur-refresh-token-management tutorial except for the company request token.
What is the multiple use bearer token used for?
- Type
- Step 4
- Run the app again. Since the app does not have a stored valid refresh token, the app will not find a valid refresh token in
refreshTokenObjectFile.json.
- The app will call the Oauth2 /token endpoint using your credentials and regenerate your refresh token.
- If the API call is successful, the refresh token data is converted from JSON format into a refresh token object and stored in the file
refreshTokenObjectFile.json.
- Run the app again. Since the app does not have a stored valid refresh token, the app will not find a valid refresh token in
- Step 5
- Run the app again. Since the app now has a valid refresh token, the app will successfully load and check the validity of the file
refreshTokenObjectFile.json.
- Check for a successful validity check on the refresh token object loaded from
refreshTokenObjectFile.json. If the refresh token object validity check is successful, the refresh token object will be stored in the app to make API calls.
- Run the app again. Since the app now has a valid refresh token, the app will successfully load and check the validity of the file
- Step 6
- The app will use the validated refresh token in the refresh token object to make an API call to get a bearer token.
- If the API call is successful, the bearer token data is converted from JSON format into a bearer token string.
- The bearer token string is used to make the API call to the Profile from ID v4 endpoint.
- If the API call is successful, the JSON response is displayed on the console.
- The app will use the validated refresh token in the refresh token object to make an API call to get a bearer token.