Skip to Content

Create Tokens Required for Concur API Access

Advanced
20 min.
SAP Concur, Advanced, Tutorial
Create an app with a company request token to create a refresh token for API access.
You will learn
  • How to create a new app
  • How to generate your company request token from the app
  • How to create your credentials.json file using information from the app and the company request token
  • How to create a refresh token from an API call using the credentials.json file
MarcBell-SAPMarc BellJuly 11, 2023
Created by
MarcBell-SAP
July 11, 2023
Contributors
MarcBell-SAP

Prerequisites

  • Step 1
    1. Login to your Concur admin panel.
    2. Enter your user ID and click Next.
      image
    3. Enter your password and click Sign In.
      image
  • Step 2
    1. Go to the OAuth 2.0 Application Management screen.
    2. Click Create new app.
      image
    3. Fill in all of the required fields and add all of the grants and scopes you have access to.
      image
    4. Click Submit when the form is completed.
      image
    5. Copy and paste your Client ID and Client Secret to a text file.
      image
    6. Click OK when completed.
      image
  • Step 3
    1. Go to the Company Request Token screen.
    2. Enter your App ID in the required field and click Submit to generate your company request token.
    3. Copy/paste the Company UUID and company request token fields to a text file.
      image
    4. Click OK after you have saved this information to a text file.
      image
  • Step 4
    1. Get the Node.js sample code.
    2. Open SampleCode/Tutorial_1/GetRefreshToken.js in your IDE or text editor.

    What is the Company Request Token used for?

  • Step 5
    1. Type node GetRefreshToken.js in terminal to run the app to generate your credentials.json file. This generates messages in the terminal that show the credentials object.
      image

      image
    2. Fill in the empty fields in this file with the information in the credential object.
      image
  • Step 6
    1. Run the app again. The app will call the Oauth2 /token endpoint using your credentials and generate your refresh token.
      image
    2. Check if your credentials were transferred from the JSON file to the credentials object.
    3. Check for a successful validity check on the credentials object.
    4. Check for a successful API call. The status code will be 2xx and the refresh token will be one of the refresh token object properties.
      image
Back to Top
Back to top