Attention: SAP Field Service Management documentation is now available at the SAP Help Portal. On 31 December 2020, docs.coresystems will no longer be available. Until that time, documentation will NOT be updated in docs.coresystems.
Attention | client ID information is listed in the following guide. For custom integrations, a client ID and client secret can also be generated at Admin > Account > Clients. |
Authorization Grant Type | Components |
---|---|
Resource Owner Password Credentials | client id, client secret, account name, account password |
Resource Owner Password Credentials | client id, client secret, account name/user name, user password |
Client Credentials | client id, client secret |
Authorization Code | authorization_code |
https://{cluster}.coresuite.com
Scope | Description | Clients |
---|---|---|
General | Allows a single access token to be used for requests within any cluster. | Admin, Store |
Local | Allows a single access token to be used for requests within a single cluster only. | SAP FSM Cloud clients, Customer Cloud clients |
https://auth.coresuite.com |
Parameter | Description | Type | Required | Example |
---|---|---|---|---|
user | The user name. | String | Required | myUserName |
account | The name of the account for which the request is being made. | String | Required | myAccountName |
company | The name of the company. | String | Required | myCompanyName |
dtos | The data transfer object/s and their version being queried. Please note how this text is constructed: Resource1.Version;Resource2.Version;....;ResourceN.Version | String | Required | BusinessPartner.17;ServiceCall.17 |
Header | Description | Required | Example |
---|---|---|---|
X-Request-ID | Request ID for request tracing; helps to identify your request in the system | Optional | 825adf80-9f1e-4e7d-90-704818fb2e00 |
X-Client-ID | Your client identifier. For information on generating client ID and secret, refer to the following. | Required | COR_CONNECTOR |
X-Client-Version | Your client version | Required | 0.0.1 |
Authorization | OAuth 2.0 token. | Required | bearer <access_token> |
Note: | Refresh tokens are currently not supported. |
POST /api/oauth2/v1/token
Authorization | Basic [client_id:client_secret (base64 encoded)] |
Content-Type | application/x-www-form-urlencoded |
grant_type | client_credentials or password |
username | cloud account name or cloud account name/cloud user name (only if grant_type = password) |
password | cloud account password or cloud user password (only if grant_type = password) |
Field | Description | Data Type |
---|---|---|
access_token | The access token issued by the authorization server. | String |
token_type | The type of the token issued. Value is case insensitive. | String |
expires_in | The lifetime in seconds of the access token. For example, the value “3600” denotes that the access token will expire in one hour from the time the response was generated. | Number |
scope | The scope of the access token as described in section 1.2.1. | String |
cluster_url | The cluster url as described in section 1.1.3. | String |
account | The authorized account. | String |
account_id | The numerical ID associated with the account. | Number |
user | The authorized user associated with the account. | String |
user_email | The email of the authorized user associated with the account. | String |
user_id | The ID associated with the authorized account user. | Number |
companies | If applicable, the company associated with the account, including id, name, and description. | String |
POST /api/oauth2/v1/token HTTP/1.1
Authorization | Basic dGVzdDpzZWNyZXQ= |
Content-Type | application/x-www-form-urlencoded |
grant_type=client_credentials
POST /api/oauth2/v1/token HTTP/1.1
Authorization | Basic dGVzdDpzZWNyZXQ= |
Content-Type | application/x-www-form-urlencoded |
grant_type=password&username=cym&password=passwordExample123
POST /api/oauth2/v1/token HTTP/1.1
Authorization | Basic dGVzdDpzZWNyZXQ= |
Content-Type | application/x-www-form-urlencoded |
grant_type=password&username=cym/manager&password=passwordExample123
POST /api/oauth2/v1/change_password
Authorization | Basic [client_id:client_secret (base64 encoded)] |
Content-Type | application/x-www-form-urlencoded |
username | Cloud account name or cloud account name/cloud user name (only if grant_type = password) |
old_password | old password |
new_password | new password |
POST /api/oauth2/v1/change_password HTTP/1.1
Authorization | Basic dGVzdDpzZWNyZXQ= |
Content-Type | application/x-www-form-urlencoded |
username=cym/manager&old_password=oldPassword123&new_password=passwordExample123
Header | Query Parameter | Required | Description |
---|---|---|---|
X-Request-ID | requestId | no | Request identifier |
X-Client-Version | clientVersion | yes in case of local scope | Client version |
X-Client-ID | clientId | yes in case of local scope | Client identifier |
n/a | account | yes in case of local scope and client, account or user authorization | Account name |
n/a | company | yes in case of local scope and client, account or user authorization | Company name |
n/a | user | yes in case of local scope and user authorization | User name |
Authorization | access_token | yes | OAuth2 access token (if used as a header, it must be prefixed with ‘Bearer ‘) |
GET https://eu.coresuite.com/api/data/v4/ServiceCall?dtos=ServiceCall.20&account=scribe&company=Ambit%20AG&clientIdentifier=COR_CON_NONE
Authorization | Bearer b47217ea-9512-49eb-8c03-ccff67d8e840 |
Content-Type | application/json |
X-Client-ID | scribe |
X-Client-Version | 1.0 |
POST https://eu.coresuite.com/api/query/v1?account=scribe&company=Ambit%20AG&clientIdentifier=COR_CON_NONE&dtos=BusinessPartner.17
Authorization | Bearer b47217ea-9512-49eb-8c03-ccff67d8e840 |
Content-Type | application/json |
X-Client-ID | scribe |
X-Client-Version | 1.0 |
error | error_description | HTTP status code | Description |
---|---|---|---|
expired_credentials | User credentials have expired | 400 | Password must be changed or has expired. Ask to change credentials. |
invalid_client | Client authentication failed | 401 | Wrong client id or client secret. Contact support. |
invalid_grant | Bad credentials | 400 | Wrong username or password. Ask for credentials again. |
saml_redirect | SAML redirect is required! | 403 | This error tells the client that the given account and user should be authenticated via the SAML 2.0 Web Browser SSO Profile with the HTTP-Redirect Binding. The initial redirect URL is provided in the additional saml_redirect_url attribute. For example: As the result of the SAML workflow, the client agent will get a response from the cloud's SAML assertion endpoint identical to the response provided by the Access Token Request (see above). |
unauthorized_client | Client is not authorized to use this grant type | 401 | Client is not allowed for this Account or User. Contact support. |
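
The token request, response handling and error handling described above, as an added example that is not part of the original documentation. The names `build_token_request`, `next_step`, `TokenCache`, the action strings, the 30-second skew and the sample response are assumptions made for illustration; nothing is sent over the network.

```python
import base64
from urllib.parse import urlencode

def build_token_request(client_id, client_secret, username=None, password=None):
    """Return (headers, body) for POST /api/oauth2/v1/token; nothing is sent."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {"Authorization": f"Basic {basic}",
               "Content-Type": "application/x-www-form-urlencoded"}
    form = {"grant_type": "client_credentials"}
    if username is not None:
        # urlencode() escapes '/', '&' and '=' so a password cannot add form fields
        form = {"grant_type": "password", "username": username, "password": password}
    return headers, urlencode(form)

# Client reaction per error code, following the error table above (labels are hypothetical).
ERROR_ACTIONS = {
    "expired_credentials": "change_password",
    "invalid_client": "contact_support",
    "invalid_grant": "ask_for_credentials",
    "saml_redirect": "follow_saml_redirect",
    "unauthorized_client": "contact_support",
}

def next_step(error_body):
    """Map a parsed error response to (action, redirect_url_or_None)."""
    action = ERROR_ACTIONS.get(error_body.get("error"), "fail_closed")
    url = error_body.get("saml_redirect_url") if action == "follow_saml_redirect" else None
    return action, url

class TokenCache:
    """Holds one access token; with no refresh tokens, expiry means a new token request."""
    def __init__(self, skew_seconds=30):
        self.skew, self.token, self.cluster_url, self.expires_at = skew_seconds, None, None, 0.0

    def store(self, response, now):
        self.token = response["access_token"]
        self.cluster_url = response["cluster_url"]  # base URL for later data requests
        self.expires_at = now + float(response["expires_in"]) - self.skew

    def auth_header(self, now):
        """Bearer header while the token is fresh, else None (request a new token)."""
        if self.token is None or now >= self.expires_at:
            return None
        return {"Authorization": f"Bearer {self.token}"}

# Constructed sample response; field names are taken from the response table above.
SAMPLE_RESPONSE = {"access_token": "constructed-token", "token_type": "bearer",
                   "expires_in": 3600, "cluster_url": "https://eu.coresuite.com"}
```

Keep the client secret and the returned token out of logs; the `X-Request-ID` header is the value intended for tracing.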
error | message |
---|---|
MC-14 | Passwords don’t match |
MC-13 | Password is not valid |
MC-12 | Password is to fresh to change |
MC-11 | Password must contain at least [{0}] upper case letter(s) |
MC-10 | Password must contain at least [{0}] special character(s) |
MC-09 | Password must contain at least [{0}] lower case letter(s) |
MC-08 | Password must contain at least [{0}] letter(s) |
MC-07 | Password must contain at least [{0}] digit(s) |
MC-06 | Password must be at least [{0}] character(s) long |
MC-05 | Password was already used before |
error, error_description).
error | error_description | HTTP status code | Description |
---|---|---|---|
invalid_token | The token is not valid or expired | 401 | |
invalid_request | The request is not valid | 400 | |