Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
anand_jadhav
Occasional Member - Level 1
Thursday
Thursday

Seeking integration guidance for ReceiptSpot app with SAP Concur (no partnership yet)

I've emailed to team about integrating our mobile app ReceiptSpot (receipt capture/organization tool) with Concur. We're building an outbound OAuth integration where users authorize ReceiptSpot to push selected receipts + images to their Concur expense reports (not replacing Concur).

Current status: Waiting for technical guidance but want community input on next steps without full App Center partnership.

Key questions:

Sandbox access for dev/testing without customer account or partnership?

OAuth app registration process for ISVs—self-service Client ID/secret possible?

Minimum scopes for Expense Reports v4 + Receipts v4 (push expenses/images)?

Dev endpoints (geolocation/base URI) and test user setup?

Our flow: User connects Concur → ReceiptSpot backend stores tokens → API calls to create expenses/attach images.

Happy to share our architecture diagram. What's the fastest path forward? Thanks!

0 Kudos
1 Solution
Solution
PoojaKumatkar
Super User
Super User
Friday
Friday

Hi @anand_jadhav ,

 

Note - I have limited knowledge of the Concur API, but I believe the information below should give you a good starting point.

 

Please find below response to your questions.

 

Sandbox access for dev/testing without customer account or partnership?

For SAP Concur Expense APIs, you typically cannot get a standalone public sandbox without either:

  • a Concur customer account with Web Services enabled, or
  • an SAP Concur partner/App Center relationship.

Most ISVs get sandbox/dev access through the partner onboarding process.

 

OAuth app registration process for ISVs—self-service Client ID/secret possible?

Yes — but only within a SAP Concur tenant that has Web Services/API access enabled. Admins can self-register OAuth apps and generate Client ID/secret using Concur’s Application Management tools. There is no completely public self-service registration for external ISVs without a tenant/partner access.

 

Minimum scopes for Expense Reports v4 + Receipts v4 (push expenses/images)?

Minimum typical SAP Concur scopes for creating expense entries and uploading receipt images:

  • expense.report.read
  • expense.report.write
  • expense.entry.read
  • expense.entry.write
  • receipt.read
  • receipt.write

You’ll also commonly need:

  • openid
  • user.read

Actual access also depends on tenant-level API entitlements/features being enabled.

 

Dev endpoints (geolocation/base URI) and test user setup?

SAP Concur uses region-specific base URIs (US/EU/APJ). After OAuth, apps typically discover the correct API base URI dynamically from Identity/User endpoints rather than hardcoding it.

Test users must be created inside a Concur sandbox/customer tenant with Expense enabled and proper permissions assigned.

 

 

If this answers your query, then please mark solution as accepted.

Thanks!
Regards,
Pooja

View solution in original post

0 Kudos
5 REPLIES 5
Solution
PoojaKumatkar
Super User
Super User
Friday
Friday

Hi @anand_jadhav ,

 

Note - I have limited knowledge of the Concur API, but I believe the information below should give you a good starting point.

 

Please find below response to your questions.

 

Sandbox access for dev/testing without customer account or partnership?

For SAP Concur Expense APIs, you typically cannot get a standalone public sandbox without either:

  • a Concur customer account with Web Services enabled, or
  • an SAP Concur partner/App Center relationship.

Most ISVs get sandbox/dev access through the partner onboarding process.

 

OAuth app registration process for ISVs—self-service Client ID/secret possible?

Yes — but only within a SAP Concur tenant that has Web Services/API access enabled. Admins can self-register OAuth apps and generate Client ID/secret using Concur’s Application Management tools. There is no completely public self-service registration for external ISVs without a tenant/partner access.

 

Minimum scopes for Expense Reports v4 + Receipts v4 (push expenses/images)?

Minimum typical SAP Concur scopes for creating expense entries and uploading receipt images:

  • expense.report.read
  • expense.report.write
  • expense.entry.read
  • expense.entry.write
  • receipt.read
  • receipt.write

You’ll also commonly need:

  • openid
  • user.read

Actual access also depends on tenant-level API entitlements/features being enabled.

 

Dev endpoints (geolocation/base URI) and test user setup?

SAP Concur uses region-specific base URIs (US/EU/APJ). After OAuth, apps typically discover the correct API base URI dynamically from Identity/User endpoints rather than hardcoding it.

Test users must be created inside a Concur sandbox/customer tenant with Expense enabled and proper permissions assigned.

 

 

If this answers your query, then please mark solution as accepted.

Thanks!
Regards,
Pooja
0 Kudos
anand_jadhav
Occasional Member - Level 1
In response to PoojaKumatkar
Friday
Friday

I have sent detailed email to  SAP Concur Community <sapconcurcommunity@sap.com>

0 Kudos
KevinD
Community Manager
Community Manager
In response to anand_jadhav
Friday
Friday

@anand_jadhav that mail inbox isn't monitored. I looked up your company's profile and it says you are currently in Implementation. I would suggest speaking with your assigned implementation project manager about this and see if they can point you to some resources. 


Thank you,
Kevin
SAP Concur Community Manager
Did this response answer your question? Be sure to select “Accept as Solution” so your fellow community members can be helped by it as well.
anand_jadhav
Occasional Member - Level 1
In response to KevinD
yesterday
yesterday

Below email has been sent to that mail box.

*************

Hi Pooja,

 

Thank you for the detailed reply — this is exactly the kind of grounding we needed on sandbox access, OAuth registration boundaries, suggested scopes, and region-specific base URIs.

For context, I’m with Humanic Apps. We’re building ReceiptSpot, a mobile-first expense and receipt platform that captures receipts (including camera capture and OCR), supports business invoicing and POS integrations, and includes an SAP Concur integration path so organizations can push receipt images and expense data into SAP Concur Expense (Reports / Receipts APIs — v4-style flows). Our backend (ReceiptVault) implements authenticated REST APIs and will use OAuth 2.0 against Concur once we have tenant-based app registration and credentials. Until then we rely on mock/sandbox-style configuration for internal development only.

 

Your summary aligns with our planning:

  • We do not expect a standalone public sandbox without either partner/App Center onboarding or a customer tenant with Web Services enabled.
  • We understand Client ID / secret are created inside a tenant that has API / Web Services enabled, not via a fully public ISV portal.
  • We’ll treat dynamic discovery of the correct API base URI (US/EU/APJ) after OAuth as a design requirement, not a fixed hostname in code.
  • We’ll use your scope list as our starting baseline (openid, user.read, expense.report.read/write, expense.entry.read/write, receipt.read/write), knowing tenant entitlements may refine what’s granted.

 

To move forward with SAP Concur, we need clarity on the practical next steps from SAP’s side:

  1. Partner / App Center onboarding — What is the recommended entry path for an ISV like Humanic Apps to obtain development/sandbox access (and eventually listing if we pursue App Center)? Is there a specific portal, form, or partner manager contact we should use?
  2. Sandbox provisioning — When onboarding as a partner, who provisions the sandbox tenant (SAP vs partner vs joint process), and what is a typical timeline once an application is submitted?
  3. OAuth application registration — For ISVs in onboarding, should we assume we register the OAuth client in the sandbox tenant once provisioned, or does SAP sometimes issue apps centrally?
  4. Documentation anchors — Beyond scopes, we’d appreciate pointers to the current SAP Concur developer documentation for OAuth (authorization code / refresh), Identity / geolocation discoveryExpense Reports v4, and Receipts v4 (image upload), so our implementation matches SAP’s latest patterns.
  5. Pilot alternative — If a mutual customer already has Concur with Web Services enabled, is app registration within that customer’s tenant a supported short-term path for a controlled pilot, alongside formal partner onboarding?

 

If this thread expects a “solution accepted” action on your side, I’m happy to mark it accordingly — your answer gave us a solid starting point.

 

Thank you again for your time and guidance.

PoojaKumatkar
Super User
Super User
In response to anand_jadhav
yesterday
yesterday

Hi @anand_jadhav ,

 

Just to clarify, I am not part of the SAP Concur organization. I work for one of the partner companies. Since this is a public forum, anyone in the community can respond to posts, especially if they have faced similar requirements or worked on related scenarios in the past. 

That said, regarding your email above, I will not receive any notifications unless you reply here in the community forum. As an active community member, I share my knowledge and experience to help users and Concur admins resolve configuration-related technical issues or at least guide them toward possible solutions. 🙂

 

Regarding your above questions:

  • For point #1, #2 and #5As mentioned by @KevinD , I would suggest speaking with your assigned implementation project manager as they are in the right position to guide you on the next steps.

 

  • 3. OAuth application registration — For ISVs in onboarding, should we assume we register the OAuth client in the sandbox tenant once provisioned, or does SAP sometimes issue apps centrally? - 

Yes, you can do it yourself, and the app registration process is quite simple.

Concur Role Required - Web Services Administrator

You can refer to the below standard documentation:

How to register an app:

https://developer.concur.com/api-reference/authentication/oauth2-app-mgmt-tool.html

How to generate refresh token:

https://developer.concur.com/api-reference/authentication/company-refresh-tool.html

Overall Authentication Setup Steps:

https://developer.concur.com/api-reference/authentication/getting-started.html

PoojaKumatkar_0-1778393527845.png

Note - You can also raise a support case with Concur if you face any technical difficulties during the authentication or testing process.

 

4. Documentation anchors — Beyond scopes, we’d appreciate pointers to the current SAP Concur developer documentation for OAuth (authorization code / refresh), Identity / geolocation discoveryExpense Reports v4, and Receipts v4 (image upload), so our implementation matches SAP’s latest patterns.

Document link for Expense Reports v4 API:

https://developer.concur.com/api-reference/expense/expense-report/v4.reports.html

Document link for Receipts v3 API:

PoojaKumatkar_1-1778394038687.png

 

Referring to my previous response, since you have already confirmed above that it addressed your query, as a Super User, I am marking it as the “Accepted Solution” on your behalf. 🙂

 

 

If this answers your query, then please mark solution as accepted.

Thanks!
Regards,
Pooja
0 Kudos
SAP Concur Community
SAP Concur
SAP
Additional Resources
© Copyright 2026 Concur Technologies, Inc. All rights reserved.
Privacy Policy|Terms of Use|Do Not Share/Sell My Personal Information|