Line of Business: 

Nakisa Hanelly data integration with SAP SuccessFactors and the transition to OAuth2

Nakisa Hanelly data integration with SAP SuccessFactors and the transition to OAuth2
Facebook
Twitter
LinkedIn

Data integration

Nakisa Hanelly focuses on providing end to end organization analysis and design solutions that empower HR and business leaders to make timely and informed decisions based on data—and to ultimately build an agile organization that supports the strategic goals of their company.

An important component of this spectrum of solutions and products are the connectors that Nakisa provides out of the box to integrate with various HCM and financial systems, to securely and efficiently bring relevant data to Nakisa’s HCM core.

Data integration and data migration at the enterprise scale is often complex, labor intensive and prone to security and data privacy concerns and challenges. Nakisa however, has a very focused and streamlined solution that has been developed, tested and perfected. It is backed by over two decades of experience in the field.

Sunsetting Basic Auth and replacing it with OAuth2

One of the systems that Nakisa Hanelly integrates with to securely and reliably collect relevant data from is SAP SuccessFactors.

SAP SuccessFactors is a modern SAAS HCM system with various modules that support employee journey and organization management.

The Hanelly-SuccessFactors bi-directional data integration is done via an authenticated connection over Secured HTTP (https) with an optional but highly recommended IP restriction.

To authenticate access to its APIs, both SFAPI and OData API, SuccessFactors used a method called Basic Auth. This method uses a username-password-company code combination paired with IP restriction to confirm legitimacy of the source of calls made to either query data or update data via API.

Last year SAP announced that it will stop further development of Basic Auth method to develop and further improve a newer authentication technology based on a more modern protocol called OAuth2. SAP also announced that by end of 2022, it intends to sunset Basic Auth.

Nakisa has also been preparing for this transition by designing and implementing the underlining components. It will roll out the final solution by mid-2022 to provide ample time to its customers to switch to this new method for their SAP SuccessFactors data integration. On the customer side, the effort will be minimal with a simple one-time re-configuration re-establishment of the connection between Nakisa Hanelly and SuccessFactors.

What is OAuth2

So, what is OAuth2 and how does it work? OAuth2 is a framework that allows applications to authenticate with a host application while requiring a minimum exchange of information: a token. Because this method does not require a password exchange, it provides more control and flexibility in granting or revoking access to one application, with zero impact on other applications. This is the preferred method for applications to integrate via API.

There are two parts to this:

  1. Register the client application, in this case Nakisa SuccessFactors Connector, with the host application, in this case SAP SuccessFactors. In this step, a certificate is generated (by the client), and its public key is shared with the host application. This is a one-time set up step.
  2. The connection and request to query or update data. This step repeats every time there is data exchange via API; in our case, OData API.
    1. Connection is initiated by the client application contacting the host, identifying itself and receiving a token.
    2. The client then contacts the authorization service of the host and provides the token that it previously received from the host’s user services. In return, after its authorization is reviewed and confirmed, client receives another key, assertion key.
    3. Client then uses this assertion key to contact the resource service and submit requests to query or update data. These requests are then fulfilled within the boundaries of the client’s assertion key.

Below is a diagram illustrating these steps.

Nakisa Hanelly data integration with SAP SuccessFactors and the transition to OAuth2
Nakisa Hanelly data integration with SAP SuccessFactors and the transition to OAuth2
Learn more about Nakisa's native bidirectional integrations.
Be the first to know!
  Subscribe to the Nakisa newsletter.

Further Reading

HR-Suite-Main

Nakisa
HR suite

Nakisa
Finance Suite

📃 Download our 2023 Voice of Client Report and explore the improvements we've made based on your feedback! ✔

HR-Suite-Main

Nakisa HR suite

Nakisa Lease Administration