Image source: www.egencia.com
For business purposes Online Booking Service (like, Egencia) is used to book accommodations, air tickets and rent cars for employees’ business trips.
To simplify the process of business trips creation using Online Booking Services, integration to SAP is required:
- The Expense Report creation in SAP FI-TV is required to consider actual costs of a business trip;
- The Approval workflow is required to log the booking history and control the decision of the approval agents;
- For all participants of the approval process, making a decision from the notification email is required to simplify the process and avoid additional logging in;
- The redirection to Online Booking Service is required to finish the process of confirmation.
So, when Online Booking Service is integrated to SAP, booking of accommodations, air tickets and renting car using booking services will not require any additional actions in SAP from the business users as the whole process, from the email Online Booking Service receiving notification to the booking confirmation, is completed automatically by SAP.
The process starts with a new email booking service notification which is processed in SAP inbound class, and, thus, a new Expense Report is created and an approval workflow is started.
The approval agents receive an email notification with all required information about the Trip needed for the decision making:
The decision is recognized when the ‘approve’ or ‘refuse’ button is pressed. It should be processed both by SAP to change the workflow object’s status and by booking service to register the decision and confirm the current booking.
When the approval agent receives a notification email, it should contain the redirection links for approval decisions:
- to BSP application for calling OData service for the workflow processing;
- to Online Booking Service for confirmation/cancellation.
And here is the question: How should the approval agent be identified in the system?
To authorize the approval agents in BSP Application, SSO (Azure AD) is used.
SSO has a hard coded Return URL on Azure AD side. In this case, it is not possible to request Azure to return the business user back to previous page where the user was logging in.
In addition, it is impossible to use SSO to authorize the business user and route him/her to the Booking Service portal once the booking request is approved/refused in SAP.
Also, it is not possible to only approve/refuse in SAP and call Booking Service in the background, in many cases it does not work because:
- Approval links can expire because booking is expired;
- Approval links can be broken (booking service support team should be in contact);
- Approval links can be modified when a reminding message from the booking service is received; etc.
The sequence of actions to avoid all described above issues with redirection to external Online Booking Service is the following:
When all actions regarding the incoming email from booking service processing are done: the Expense Report is created in SAP, the workflow is started, the technical data is recorded for further processing and the notifications for the approver agents are sent, it is time to make a decision.
- The Business user clicks the “approve”/”refuse” button from the SAP email;
- The Business user is routed to Fiori system SICF web service with the work item and decision hash tag (GUID):
- SAP (Fiori server) checks the GUID using OData call to SAP ERP and reads the direct link for approval on External Booking Service page (if the links are changed, for instance Booking Service sends a reminder approval email with the new links, actual ones will be read from the table):
- SAP work item is updated, and at the same time SICF service (Fiori app) routs the business user to the Booking Service approval page (according to the decision the user has made in the SAP email).
OData service is called directly from the BSP application – no login in Fiori Launchpad is required for approval. The User is not authorized in the system to make the approval procedure simple and available via email.
So, for security purposes, to prevent any unexpected actions from the side of approval agent, the decision-making step in BSP Application is taken by the technical user.
SAP technical user ID is defined in SICF web service with a minimalistic profile that is just able to route GUID to OData service and get URL back.