You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
<p>This API is only for public use to support various SAP integration features or to the SAP Concur customer that has established corporate credit card accounts involved in the data (the “Customer Corporate Card Holder”). Such use must be in compliance with regulations and other industry standards, including but not limited to Payment Card Industry Data Security Standards (PCI DSS). Access to this documentation does not provide access to the API.<br/><br/>
1329
-
These APIs are available in US2, EU2, APJ1 and CCPS environments.</p>
1328
+
<ul>
1329
+
<li>Access to this documentation does not provide access to the API.</li>
1330
+
</ul>
1331
+
1332
+
<p>This API is only for public use to support various SAP integration features or to the SAP Concur customer that has established corporate credit card accounts involved in the data (the “Customer Corporate Card Holder”). Such use must be in compliance with regulations and other industry standards, including but not limited to Payment Card Industry Data Security Standards (PCI DSS).</p>
1333
+
1334
+
<p>These APIs are available in US2, EU2, APJ1 and CCPS environments.</p>
<li><ahref="https://tools.ietf.org/html/rfc7235#section-4.2">RFC 7235 Authorization</a> : Header used for authorization. Should be specified in the format ‘Bearer JWT_Token’. This is a Company JWT token.</li>
1395
+
<li><ahref="https://tools.ietf.org/html/rfc7235#section-4.2">RFC 7235 Authorization</a> : Header used for authorization. Should be specified in the format <codeclass="language-plaintext highlighter-rouge">Bearer JWT_Token</code>. This is a Company JWT token.</li>
1391
1396
<li><codeclass="language-plaintext highlighter-rouge">concur-correlationid</code> is a specific custom header used for technical support in the form of a <ahref="https://tools.ietf.org/html/rfc4122">RFC 4122 A Universally Unique IDentifier (UUID) URN Namespace</a></li>
<codeclass="language-plaintext highlighter-rouge">creditCardGuid</code>|<codeclass="language-plaintext highlighter-rouge">string</code>|-|Credit card GUID - It’s a token which represents a credit card number in Concur Expense. This creditCardGuid can be obtained from the cardAccountID field available in the Financial Integration Service (FIS) data.</p>
<td>Credit card GUID is a token which represents a credit card number in Concur Expense. This <codeclass="language-plaintext highlighter-rouge">creditCardGuid</code> can be obtained from the <codeclass="language-plaintext highlighter-rouge">cardAccountID</code> field available in the Financial Integration Service (FIS) data.</td>
<p>The FIPS Compliant v5 Credit Card Detokenization API will be set to launch within the CCPS environment for IBCP customers. This compliance-driven initiative aligns with the Federal Information Processor Standards (FIPS) to ensure robust protection of sensitive data, per U.S. federal requirements. For customers with entities in CCPS and IBCP card programs, the Detokenizer (DTK) functionality will be integral to the payment file process.</p>
429
+
430
+
<p>The FIPS Compliant v5 Credit Card Detokenization API is available for all environments as well as CCPS for IBCP corporate card customers. This compliance-driven initiative aligns with the Federal Information Processor Standards (FIPS) to ensure robust protection of sensitive data, per U.S. federal requirements. For customers with entities in these environments with individually billed, company paid (IBCP) card programs, the Detokenizer (DTK) functionality will be integral to their payment allocation process when reimbursing their corporate card programs outside of SAP Concur platform.</p>
<p>The first resource “RSAPublicKey” will return the RSA public key and version for the RSA public key. The caller needs to encrypt their symmetric key using this public key. This encrypted symmetric key and version needs to be passed to the “Credit Card Account Details” resource, along with the mandatory Credit Card GUID parameter to retrieve the encrypted credit card account number. The Credit Card GUID parameter can be retrieved from “cardAccountID” value available in the Financial Integration Service (FIS) payload.</p>
459
-
460
-
<p><strong>Limitations</strong></p>
461
-
462
-
<ul>
463
-
<li>Access to this documentation does not provide access to the API.</li>
464
-
</ul>
465
-
466
-
<p>This API is only for public use to support various SAP integration features or to the SAP Concur customer that has established corporate credit card accounts involved in the data (the “Customer Corporate Card Holder”). Such use must be in compliance with regulations and other industry standards, including but not limited to Payment Card Industry Data Security Standards (PCI DSS).</p>
459
+
<p>The first resource <codeclass="language-plaintext highlighter-rouge">RSAPublicKey</code> will return the RSA public key and version for the RSA public key. The caller needs to encrypt their symmetric key using this public key. This encrypted symmetric key and version needs to be passed to the “Credit Card Account Details” resource, along with the required Credit Card GUID parameter to retrieve the encrypted credit card account number. The Credit Card GUID parameter can be retrieved from <codeclass="language-plaintext highlighter-rouge">cardAccountID</code> value available in the Financial Integration Service (FIS) payload.</p>
467
460
468
461
<h3id="important-upcoming-shutdown-of-request-v1-v3-and-v31">Important! Upcoming Shutdown of Request V1, V3, and V3.1</h3>
0 commit comments