Flexera's SaaS Management integration with Coupa has been enhanced with the more secure authentication method OAuth2 with Client Credentials. Beginning with Release 35 (January 2023), Coupa will no longer support API keys and instead require the use of the more secure authentication method OAuth2 with Client Credentials. The following details will help you prepare for the Expense (Coupa) integration enhancement.
You must grant permissions using the Coupa Integration Admin role with the generated Client ID and Client Secret values as described in Actions Required for Existing SaaS Management Integrations with Expense (Coupa).
Due to SaaS Management's migration from the token-based authentication method to OAuth2, existing Expense (Coupa) integrations will fail due to a 401 Unauthorized Error. Once the Expense (Coupa) integration tasks start failing, you must reauthorize the Expense (Coupa) integration using the Coupa Integration Admin role with the generated Client ID and Client Secret values as described below.
Minimum API required permissions are based on the Application Permission and User Role.
Table -1 • Application Permission
Permission |
Description |
Integration Task Name |
core.user.read | To read the list of users in your Coupa account | Application Roster |
core.expense.read | To read the Expense data in your Coupa account | Expense Discovery |
Table -2 • User Role
Role |
Description |
Integration Admin |
To grant the application permissions, the user must have Integration Admin access. For details, refer to Coupa’s documentation section OAuth 2.0 Getting Started with Coupa API. |
Log in to Coupa as an Integration Admin to create an OAuth2/OIDC client with the client credentials grant type. Once configured, the Client ID and Client Secret values are used to gain access to the Coupa API.
More information on new features and enhancements can be found in What's New in Flexera One.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.